An overview of the regulation of virtual assets in Singapore
Virtual asset laws and regulations in Singapore
Regulation of virtual assets and offerings of virtual assets in Singapore
Regulation of VASPs in Singapore
Regulation of other crypto-related activities in Singapore
Other relevant regulatory information
Pending litigation and judgments related to virtual assets in Singapore (if any)
Government outlook on virtual assets and crypto-related activities in Singapore
1. Virtual asset laws and regulations in Singapore
Singapore’s regulatory approach to virtual assets promotes innovation while ensuring compliance. The Monetary Authority of Singapore (MAS) has implemented measures to create a balanced regulatory framework for investor protection. Specific legislations have been introduced to oversee virtual asset service providers, highlighting regulatory clarity and investor safeguarding.
The regulatory framework, primarily governed by the Payment Services Act 2019 (PSA), encompasses a wide spectrum of payment service providers, including those engaged in digital payment token services.
In Singapore, virtual asset service providers are mandated to obtain a license from MAS to operate lawfully. The licensing regime is structured to ensure that service providers comply with stringent regulatory obligations, including anti-money laundering and counter-terrorism financing measures.
What is considered a virtual asset in Singapore?
In Singapore, virtual assets typically refer to digital payment tokens (DPTs) and other forms of digital assets that are used for transactions or investments. In other words, a virtual asset is essentially a digital representation of value that can be used for payments or investments, and is not pegged to any currency. It’s like a digital cash that isn’t tied to a specific government-issued currency. These assets are subject to regulatory oversight by the MAS.
The PSA in Singapore governs DPTs, categorised as a type of virtual asset. MAS employs a “risk-based approach” to assess various digital tokens for potential regulatory inclusion.
What are the relevant laws and regulations?
Timeline of key regulations and guidelines for Digital Payment Token Service Providers (DPTSPs) in Singapore:
Date | Regulation/Guideline | Issuing Authority | Aspect Covered | Additional Information |
---|---|---|---|---|
2014 | Guidelines for the Regulation of Virtual Currency Exchanges | MAS | Know-Your-Customer (KYC), Anti-Money Laundering (AML), Customer Due Diligence (CDD) | Focused on preventing virtual currency exchanges from being used for illicit activities. |
2019 | Notice PSN02 on Prevention of Money Laundering and Countering the Financing of Terrorism | MAS | Risk Management, Customer Monitoring, Transaction Reporting | Established an extensive AML/CFT framework for DPTSPs. |
July 2019 | Consultation Paper on Proposed Payment Services Regulations | MAS | Scope of PSA, Licensing Requirements for DPTSPs | Sought public feedback on proposed regulations for various types of payment services, including DPTs |
January 2020 | PSA | Parliament | Licensing, Regulatory Oversight, Consumer Protection | Established a legal framework for regulating all payment services, including DPTSPs. |
February 2022 | Financial Services and Markets Act | Parliament | Regulatory Compliance with FATF Standards | Brought Singapore’s virtual asset regulations in line with international best practices to combat financial crime. |
July 2023 | Consultation Paper on Draft Amendments to Payment Services Regulations | MAS | Regulatory Enhancements for DPTSPs | Gathered feedback on proposed updates to strengthen regulations for DPTSPs and address emerging risks. |
November 2023 | Response to Feedback on Proposed Regulatory Measures for Digital Payment Token Services | MAS | Regulatory Clarity, Industry Collaboration | Addressed stakeholder concerns and provided further details on the enhanced regulatory framework for DPTSPs. |
Mid-2024 (Expected) | Guidelines for DPTSPs | MAS | Cybersecurity, Market Conduct, Advertising Standards | Will provide DPTSPs with clear guidance on how to comply with the regulations and operate in a safe and responsible manner. |
Who do such laws and regulations apply to?
The laws and regulations regarding virtual assets in Singapore apply to various entities involved in virtual asset activities. These include:
- DPTSPs: Any business that provides services related to the transfer, exchange, or custody of DPTs is required to be licensed and regulated as a Major Payment Institution under the PSA. DPTs refer to cryptocurrencies like Bitcoin and Ether.
- Initial Coin Offerings (ICOs) and Security Token Offerings (STOs): If the digital tokens issued constitute securities under the Securities and Futures Act (SFA), the issuer must lodge and register a prospectus with MAS, unless exempted. The issuer and any intermediaries involved may also require licensing under the SFA.
- Financial Advisers: Those providing advice on investment products involving virtual assets are subject to the Financial Advisers Act (FAA). They must be licensed and comply with conduct and disclosure requirements.
- Companies under the PSA: The PSA governs a wide range of payment service companies in Singapore, including those involved in account issuance, local and international money transfer services, e-money issuance, merchant acquisition, digital payment token services, and foreign exchange services. These companies must comply with PSA’s compliance requirements such as Suspicious Activity Reports (SARs), transaction monitoring, screening, and Customer Due Diligence (CDD).
Who are the relevant regulatory authorities in relation to virtual assets in Singapore?
The key regulatory authorities overseeing virtual assets in Singapore are:
- MAS: The MAS serves as the central bank and the main financial regulator in Singapore. It is responsible for overseeing virtual asset activities under the PSA. MAS issues various regulatory guidelines, consultation papers, and notices related to virtual assets. Additionally, MAS is actively working to enhance the regulatory framework to address AML/CFT risks.
- Financial Action Task Force (FATF): Although FATF is not a Singaporean regulatory body, it plays a crucial role by setting global standards for combating money laundering and terrorism financing. Singapore adheres to FATF’s recommendations on virtual assets, aligning its regulations with international best practices to ensure comprehensive oversight and security.
- Accounting and Corporate Regulatory Authority (ACRA): ACRA is the national regulator of business entities and public accountants in Singapore. It works closely with MAS to ensure that virtual asset service providers comply with AML/CFT requirements.
What are the penalties for breaches of virtual asset laws and regulations in Singapore?
In Singapore, penalties for breaching virtual asset laws and regulations can be severe and include fines, imprisonment, and license revocation. Here is an explanation under different regulations:
- SFA: Breaching prospectus or licensing requirements for offering virtual assets considered securities under the SFA can lead to fines of up to SGD 200,000 and/or imprisonment for up to 2 years. Intermediaries involved in the sale of security tokens must be licensed under the SFA, and violations can result in legal actions and penalties.
- PSA: Violating licensing or AML/CFT requirements for providing DPT services under the PSA may lead to fines of up to SGD 100,000 and/or imprisonment for up to 2 years. MAS has the authority to revoke or suspend licenses of DPT service providers who breach regulatory requirements.
- The MAS has the power to impose financial penalties of up to SGD 1 million (USD 734,000) for breaches of the PSA. However, the provisions do not specify this penalty amount for breaching DPT service licensing or AML/CFT requirements.
- In addition to the above, the MAS has the power to take enforcement action against any person or company that breaches the laws and regulations related to virtual assets. This may include issuing warnings, directions, and prohibition orders, as well as pursuing civil or criminal proceedings.
2. Regulation of virtual assets and offerings of virtual assets in Singapore
Are virtual assets classified as ‘securities’ or other regulated financial instruments in Singapore?
In Singapore, virtual assets like cryptocurrencies are not automatically considered securities or other regulated financial instruments. Instead, their classification depends on their specific characteristics and features. Here’s a simple breakdown:
- DPTs: Cryptocurrencies like Bitcoin and Ether fall into this category. They are regulated under the PSA. Businesses dealing with these tokens, such as transferring, exchanging, or storing them, need a license from the MAS.
- Security Tokens: If a virtual asset acts like a security, such as representing shares in a company, debt, or derivatives, it is regulated under the SFA. Issuers of these tokens may need to comply with certain requirements, like getting approval from MAS and providing a prospectus.
- Utility Tokens: These tokens provide access to a specific application or service. Generally, they are not regulated as securities or financial instruments in Singapore.
- ICOs and STOs: The regulation depends on whether the tokens are considered securities under the SFA. If they are, the issuer must comply with the relevant regulations, which might include lodging a prospectus with MAS.
In essence, whether a virtual asset is regulated and how it is regulated in Singapore depends on what it does and how it functions. Each virtual asset requires careful examination to determine the applicable regulations.
Are stablecoins and NFTs regulated in Singapore?
In Singapore, stablecoins are subject to regulatory oversight by MAS under the PSA of 2019. Specifically, if a stablecoin’s value in circulation exceeds SGD 5 million, the issuer is required to be licensed and regulated under the PSA as a Major Payment Institution.
(In Singapore, companies offering payment services like digital wallets, money transfers, or merchant acquiring need a license from the MAS. There are two main types of licenses: the Money-changing and Remittance license, and the Payment Services license.
The Payment Services license has three categories:
- Standard Payment Institution
- Major Payment Institution
- Money Services Business
A company must apply for a Major Payment Institution license if it exceeds certain thresholds, such as processing over SGD 3 million in monthly transactions. This license allows the company to provide a broader range of services with fewer restrictions compared to a Standard Payment Institution.)
Under the PSA, stablecoin issuers are subject to various regulatory requirements, including:
- Maintaining sufficient reserves: Stablecoin issuers are required to hold reserves in the form of cash or cash equivalents, such as government securities, to ensure that they can redeem the stablecoins in circulation at any time.
- Risk management: Stablecoin issuers are required to have in place extensive risk management frameworks to address the risks associated with their business, including operational, credit, and liquidity risks.
- AML/CFT regulations: Stablecoin issuers are subject to the same AML/CFT regulations as other MAS-regulated entities. They are required to put in place measures to detect and prevent money laundering and terrorism financing activities, including those that may involve virtual assets.
- Consumer protection: Stablecoin issuers are required to disclose to their customers the terms and conditions of their services, including the fees and charges, and to provide them with timely and accurate information about their transactions.
Furthermore, In November 2022, MAS issued guidelines requiring all stablecoin issuers to be licensed and meet requirements related to reserve assets, valuation, custody, and disclosure. These guidelines, known as the “Response to Public Consultation on Proposed Regulatory Approach for Stablecoin-related Activities,” aim to manage potential monetary and financial stability risks associated with stablecoins. The guidelines focus on key aspects such as the maintenance of reserve assets, prudential limitations, redemption standards, and disclosure to users.
Whereas, Non-Fungible Tokens (NFTs) are seen as assets that can be legally protected in Singapore. A court decision in the case of “Janesh s/o Rajkumar v Unknown Person (“CHEFPIERRE”) [2002] SGHC 264 recognised NFTs as assets, meaning they are covered by laws safeguarding assets.
Virtual marketplaces that help trade NFTs likely have to follow the same rules as other financial service providers in Singapore, such as AML/CFT regulations.
Are decentralised finance (DeFi) activities (e.g. lending virtual assets) regulated in Singapore?
DeFi activities in Singapore are regulated by the MAS under the PSA and SFA, depending on the specific characteristics of the DeFi service.
If a DeFi activity involves a payment service that falls under one of the seven payment services defined in the PSA, such as DPT services, money-changing services, or cross-border money transfer services, it must be regulated under the PSA. DPT service providers are required to obtain a license from MAS and comply with AML/CFT regulations.
DeFi activities that involve the issuance or trading of digital tokens that constitute securities under the SFA may also be regulated. MAS has stated that DeFi platform operators providing marketplaces for trading such security tokens may be subject to licensing requirements under the SFA.
Other DeFi activities that do not fall under the PSA or SFA could still be subject to regulation under common law principles related to contracts and compliance with AML/CFT requirements.
Are there any restrictions on issuing or publicly offering virtual assets in Singapore?
The issuance and offering of virtual assets in Singapore are subject to regulations by the MAS under the SFA and the PSA. Here’s a more comprehensive overview of the regulations:
- SFA: If a virtual asset has characteristics of a security, such as representing ownership in a company or providing rights like dividends, it is regulated under the SFA. Issuers offering such security tokens must comply with the SFA’s prospectus requirements, which involve registering a prospectus with MAS that discloses key information about the offering. Intermediaries involved in the offer or sale of security tokens, such as digital asset exchanges, must also be licensed under the SFA to conduct regulated activities.
In November 2019, MAS issued guidelines clarifying when digital tokens fall under the SFA and the regulatory requirements issuers and intermediaries must meet.
- PSA: Virtual assets that function as a medium of exchange and are not considered securities are regulated as DPTs under the PSA. Entities providing services related to the transfer, exchange, or custody of DPTs, such as cryptocurrency exchanges and wallet providers, must be licensed as Major Payment Institutions under the PSA. Licensed DPT service providers must comply with AML/CFT regulations, such as conducting customer due diligence, monitoring transactions, and reporting suspicious activities.In October 2020, MAS proposed a new regulatory framework for stablecoin issuers, requiring them to be licensed and meet requirements related to reserve assets, valuation, and disclosure.
- Stablecoins: In November 2022, MAS issued guidelines requiring all stablecoin issuers to be licensed and meet requirements related to reserve assets, valuation, custody, and disclosure. The guidelines aim to manage potential monetary and financial stability risks associated with stablecoins and ensure their stability and reliability.
- NFTs: While not explicitly regulated, a recent Singapore High Court decision recognised NFTs as a form of digital asset that can be legally protected. NFT marketplaces facilitating trading may be subject to regulations such as AML/CFT requirements, depending on their specific activities.
Are there any exemptions to the restrictions on issuing or publicly offering of virtual assets in Singapore?
Yes, there are exemptions to the restrictions on issuing or publicly offering virtual assets in Singapore under the SFA and the PSA:
- SFA Exemptions:
- Small offers: Offers of virtual assets worth SGD 5 million (USD 3.67 million) or less in a 12-month period are exempt from the prospectus requirement.
- Private placements: Offers to no more than 50 investors in a 12-month period, where the investors are accredited investors or institutional investors, are exempt from the prospectus requirement.
- Offers to accredited investors: Offers made only to accredited investors are exempt from the prospectus requirement.
- Exempt issuers: Certain issuers, such as government agencies and companies listed on approved stock exchanges, are exempt from the prospectus requirement.
- PSA Exemptions:
-
- Small DPT service providers: Those with an average monthly transaction value of SGD 3 million (USD 2.2 million) or less are exempt from the licensing requirement.
- Limited DPT service providers: Those providing only certain DPT services, such as exchange or transfer, with an average monthly transaction value of SGD 5 million (USD 3.67 million) or less, are exempt from the licensing requirement.
- Exempt DPT service providers: Certain providers, such as those serving only other licensed DPT service providers, are exempt from the licensing requirement.
Even with these exemptions, virtual asset service providers must still comply with AML/CFT requirements.
3. Regulation of VASPs in Singapore
Are VASPs operating in Singapore subject to regulation?
Yes, VASPs in Singapore are regulated by the MAS. Under the PSA, VASPs, also known as DPTSPs, must register for a trading license from the MAS to provide any of the seven types of regulated payment services, which include:
- Account issuance service: Providing services related to the operation of a payment account in Singapore, such as e-wallets or credit cards.
- Domestic money transfer service: Offering local money transfer services within Singapore.
- Cross-border money transfer service: Providing inbound and/or outbound remittance services in Singapore.
- Merchant acquisition service: Contracting with merchants to process payment transactions and transfer money.
- E-money issuance service: Issuing e-money in Singapore for payments or transfers.
- DPT service: Buying or selling DPTs as a business or providing a platform for DPT transactions.
- Money-changing service: Exchanging one currency for another.
Are VASPs providing virtual asset services from offshore to persons in Singapore subject to regulation in Singapore?
Yes, VASPs providing virtual asset services from offshore to persons in Singapore are subject to regulation in Singapore. The MAS has extended its regulatory framework to cover VASPs operating outside Singapore but providing digital token services to individuals in Singapore.
These VASPs are required to obtain licensing and supervision to ensure compliance with AML/CFT rules. The MAS has implemented regulations under the PSA to oversee and regulate VASPs, ensuring that they adhere to AML/CFT measures and maintain adequate oversight.
Additionally, the new Financial Services and Markets Act has been introduced to regulate VASPs offering virtual asset services outside of Singapore, ensuring they align with the FATF standards and enhancing regulatory oversight in the virtual asset sector.
What are the main requirements for obtaining licensing / registration as a VASP in Singapore?
To obtain licensing or registration as a VASP in Singapore, the following are the main requirements:
- Company registration: The VASP must be registered with the ACRA as a business entity before applying for a payment services license with the MAS.
- Local presence: The VASP must have a permanent place of business in Singapore and appoint at least one executive director who is a Singapore citizen or Permanent Resident.
- Financial requirements: The VASP must satisfy financial requirements prescribed by MAS, such as minimum base capital and ongoing capital adequacy requirements.
- AML/CFT measures: The VASP must have AML/CFT measures in place, including conducting customer due diligence, monitoring transactions, and reporting suspicious activities to the authorities. The VASP must also assess the risks of the jurisdictions in which they operate and take a risk-based approach, including performing enhanced customer due diligence in higher-risk cases.
- Risk management framework: The VASP must have a risk management framework to identify, assess, and mitigate operational, cybersecurity, and financial risks. The VASP must also have a technology infrastructure with cybersecurity measures to protect against hacking and other cyber threats.
- Compliance arrangements: The VASP must have adequate compliance arrangements commensurate with the scale, nature, and complexity of their operations. The VASP must retain thorough records of users for AML/CFT inspections and have proper internal mechanisms to transmit suspicious activity reports (SARs) to MAS.
- Disclosure requirements: The VASP must disclose essential information to customers and issue receipts for transactions.
- Licensing/Registration: The VASP must obtain a license from MAS to DPT services. There are three types of licenses: Money-changing License, Standard Payment Institution License, and Major Payment Institution License. The requirements for each license may vary, and MAS will assess each application on a case-by-case basis.
Here is a more detailed classification of the three types of licenses or registrations:
- Money-changing License: Allows the VASP to provide DPT exchange services, where customers can exchange DPTs for fiat currencies or vice versa. The VASP is not permitted to provide any other type of DPT service under this license.Key requirements include:
- Minimum base capital of SGD 100,000 (approximately USD 74,000);
- AML/CFT measures, including customer due diligence, transaction monitoring, and suspicious activity reporting;
- risk management framework, including operational, cybersecurity, and financial risk controls;
- compliance arrangements, including record-keeping and internal SAR reporting mechanisms; and
- disclosure requirements, such as providing essential information to customers and issuing receipts for transactions
- Standard Payment Institution License: Allows the VASP to provide DPT transfer services, where customers can transfer DPTs to other customers or merchants, and DPT custody services, where the VASP holds and safeguards customers’ DPTs.The VASP is not permitted to provide DPT exchange services under this license.Key requirements include:
- Minimum base capital of SGD 250,000 (approximately USD 185,000);
- AML/CFT measures, including customer due diligence, transaction monitoring, and suspicious activity reporting;
- risk management framework, including operational, cybersecurity, and financial risk controls;
- compliance arrangements, including record-keeping and internal SAR reporting mechanisms;
- disclosure requirements, such as providing essential information to customers and issuing receipts for transactions; and
- the VASP must ensure that customers’ DPTs are held in segregated accounts and are insured or otherwise protected against loss or theft.
- Major Payment Institution License: Allows the VASP to provide all types of DPT services, including DPT exchange services, DPT transfer services, and DPT custody services.Key requirements include:
- Minimum base capital of SGD 5 million (approximately USD 3.7 million);
- AML/CFT measures, including customer due diligence, transaction monitoring, and suspicious activity reporting;
- risk management framework, including operational, cybersecurity, and financial risk controls;
- compliance arrangements, including record-keeping and internal SAR reporting mechanisms;
- disclosure requirements, such as providing essential information to customers and issuing receipts for transactions;
- the VASP must ensure that customers’ DPTs are held in segregated accounts and are insured or otherwise protected against loss or theft; and
- the VASP must have a business continuity plan in place to ensure that it can continue to provide services in the event of a disruption or disaster.
What are the main ongoing requirements for VASPs regulated in Singapore?
Here are the main ongoing requirements for VASPs in Singapore based on the legislations on virtual assets:
- Avoiding Prohibited Activities: VASPs must not engage in any prohibited activities as per the PSA 2019, including unauthorised disclosure of customer information or unlawful access to customer accounts.
- AML/CFT compliance: VASPs must implement AML/CFT measures as per the MAS Notice on Prevention of Money Laundering and Countering the Financing of Terrorism – Digital Payment Token Service Providers, including conducting customer due diligence, monitoring transactions, and reporting suspicious activities to the authorities.
- Risk management: VASPs must maintain a comprehensive risk management framework as per the MAS Guidelines on Risk Management Practices, to identify, assess, and mitigate operational, cybersecurity, and financial risks.VASPs must also establish secure technology infrastructure with cybersecurity measures as per the MAS Technology Risk Management Guidelines, to protect against hacking and cyber threats.VASPs must develop business continuity and disaster recovery plans as per the MAS Guidelines on Business Continuity Management, to ensure service continuity in disruptions.
- Compliance arrangements: VASPs must maintain adequate compliance arrangements suitable for the scale, nature, and complexity of operations as per the MAS Notice on Compliance Arrangements for Digital Payment Token Service Providers.VASPs must retain thorough records of users for AML/CFT inspections and have mechanisms for transmitting SARs to MAS as per the MAS Notice on Suspicious Activity Reporting for Digital Payment Token Service Providers.VASPs must ensure policies and procedures are in place to comply with all applicable laws and regulations as per the MAS Notice on Legal and Regulatory Compliance for Digital Payment Token Service Providers.
- Audit and Reporting: VASPs must conduct annual audits of accounts and financial statements by an independent auditor as per the MAS Notice on Audit and Reporting Requirements for DPT Service Providers. VASPs must submit annual reports and regulatory filings to MAS, detailing operations, financial performance, risk management, and compliance with AML/CFT and other regulatory requirements as per the MAS Notice on Annual Reporting and Regulatory Filings for Digital Payment Token Service Providers.
- Disclosure and Transparency: VASPs must disclose essential information to customers and issue receipts for transactions as per the MAS Notice on Disclosure and Transparency Requirements for Digital Payment Token Service Providers. VASPs must maintain a clear fee structure, provide regular account activity statements, and disclose any conflicts of interest with corresponding management policies as per the MAS Notice on Fair Dealing and Customer Protection for Digital Payment Token Service Providers.
- Cybersecurity: VASPs must establish a robust cybersecurity framework with dedicated teams, regular testing, and encryption to protect customer data as per the MAS Technology Risk Management Guidelines. VASPs must implement multi-factor authentication and conduct regular vulnerability assessments to safeguard against cyber threats as per the MAS Notice on Cybersecurity for Digital Payment Token Service Providers.
- User protection measures: VASPs must take measures to safeguard customers’ money against insider fraud and external threats, and ensure that customers are informed of their rights and the risks of the services provided as per the MAS Notice on User Protection for Digital Payment Token Service Providers.
- Safeguarding of customer money: VASPs must comply with regulations around safeguarding customer funds, maintaining financial safeguards like escrow accounts, insurance, or financial guarantees to protect customer funds as per the MAS Notice on Safeguarding of Customer Money for Digital Payment Token Service Providers.
What are the main restrictions on VASPs in Singapore?
VASPs in Singapore are subject to several key restrictions, primarily explained in the PSA and the guidelines provided by the MAS.
- Licensing requirement: As per the PSA, VASPs must obtain a license from the MAS to operate in Singapore. The licensing system is flexible and risk-based, with VASPs needing to meet certain financial and business conduct standards.
- Prohibited activities: The PSA prohibits VASPs from engaging in certain activities. For instance, they can’t provide credit to individuals in Singapore, use customer funds for their own business activities, or offer cash withdrawals in Singapore dollars from e-money accounts held by Singapore residents.
- AML/CFT measures: VASPs are subject to strict AML and CFT regulations as per the PSA and the MAS Notice on Prevention of Money Laundering and Countering the Financing of Terrorism. They must conduct risk assessments, develop policies and controls to manage these risks, and report any suspicious transactions to the authorities.
- Technology and cyber hygiene: The MAS’s Technology Risk Management Guidelines and the PSA require VASPs to implement robust technology and cybersecurity measures to protect customer data, transactions, and systems.
- Overseas operations: As given in the PSA, VASPs based in Singapore that offer digital token services outside of Singapore will be subject to licensing and supervision to ensure that the MAS has adequate oversight.
- Financial stability and risk management: The PSA and the MAS’s guidelines on risk management require VASPs to demonstrate financial stability and have strong risk management controls in place. These controls should be appropriate for the scale, nature, and complexity of their operations.
What are the main information that VASPs have to make available to its customers?
In Singapore, VASPs are required to provide their customers with essential information to help them make informed decisions. This is primarily given in the PSA, the MAS Notice on Disclosure and Transparency Requirements for Digital Payment Token Service Providers and MAS Notice on Fair Dealing and Customer Protection for Digital Payment Token Service Providers.
- Key conduct requirements: VASPs, as regulated entities, must follow key conduct requirements that promote transparency and protect customer interests. These requirements ensure that VASPs operate in a fair and honest manner. For example, they must communicate with customers in a clear, fair, and not misleading manner.
- Transaction receipts: VASPs are required to issue a receipt for every transaction with a customer who is an individual or sole-proprietor, or when the customer requests a receipt. The receipt must include details like the type of asset, the amount, the date and time, and any charges. It can be in paper or electronic form and may be a single receipt for each transaction or a consolidated receipt for all transactions over a specified period.
- Exchange rate information: VASPs must disclose whether or not they offer an exchange rate at the point of transaction, and if the rate is determined by a third party. If a third party determines the exchange rate, the VASP must disclose this information in writing to the customer.
- Essential information: VASPs must disclose essential information to customers about their services, including the types of digital assets they offer, the terms and conditions, and any risks involved. For example, they must provide information on the key features and risks of the DPT, and the terms and conditions of the account or contract.
- Clear charges: As per MAS Notice on Fair Dealing and Customer Protection for Digital Payment Token Service Providers, VASPs must have a clear fee structure. They must inform customers about any fees or charges for their services, like transaction fees, withdrawal fees, etc. For instance, they must disclose all fees and charges that the customer will or may have to bear, including any fees or charges that are not quantified at the time of disclosure.
- Account statements: VASPs must give customers regular account statements. These should include all transaction details and the account balance at the start and end of the period.
- Conflicts of interest: VASPs must disclose any conflicts of interest that may arise. They must also have policies to handle these conflicts fairly and transparently. For example, they must disclose to the customer the nature and/or source of the conflict of interest and the manner in which the DPT service provider intends to manage the conflict of interest.
What market misconduct legislation/regulations apply to virtual assets?
In Singapore, VASPs are subject to a comprehensive regulatory framework to prevent market misconduct and ensure integrity in the virtual asset sector. The key regulations and guidelines that apply to VASPs include:
- PSA: The PSA governs a wide range of payment service companies, including DPTSPs, which are VASPs in Singapore. The PSA sets compliance requirements for VASPs, including:
- CDD: Obligated companies are required to do KYC checks in order to identify and verify their users.
- Transaction monitoring: Obligated entities must keep an eye on counterparties to transactions for money laundering and terrorism financing red flags.
- Screening: Obligated entities must check users against sanctions lists, politically exposed persons (PEPs), and negative media.
- Suspicious Activity Reports (SARs): A proper internal mechanism must be in place for operations to transmit SARs to the MAS. For AML/CFT inspections, companies must also retain thorough records of users.
VASPs must register for a trading license and adhere to AML/CFT rules under the PSA.
- SFA: The SFA regulates securities and futures, including digital tokens considered securities or futures contracts. It prohibits:
- Insider trading: The use of non-public, price-sensitive information to trade in securities or futures contracts.
- Market manipulation: The creation of false or misleading appearances of active trading or the price of securities or futures contracts.
- False or misleading statements: The making of false or misleading statements that are likely to induce the purchase or sale of securities or futures contracts.
- FAA: The FAA regulates the provision of financial advisory services, including those related to digital tokens that are capital markets products. It prohibits:
- False or misleading information: The provision of false or misleading information that is likely to induce a person to enter into a contract for a financial product.
- Failure to disclose conflicts of interest: The failure to disclose any material interest, whether direct or indirect, which the financial adviser or any of its associates has in a financial product.
- MAS Guidelines and Notices: The MAS has issued various guidelines and notices to address market misconduct risks in the virtual asset space:
- Notice on Prevention of Money Laundering and Countering the Financing of Terrorism for DPTSPs: Sets out measures to combat illicit activities involving virtual assets.
- Guidelines on Provision of Digital Advisory Services: explains standards to prevent market misconduct in digital advisory services, such as the misuse of non-public information and manipulation of trading activities.
- Unfair Trading Practices: The MAS has proposed regulations to curb unfair trading practices in the digital asset market, including:
- False trading
- Market manipulation
- Fraud
- Insider trading
4. Regulation of other crypto-related activities in Singapore
Are managers of crypto funds regulated in Singapore?
Yes, managers of crypto funds in Singapore are subject to a comprehensive regulatory framework established by the MAS. Here are the key provisions and considerations:
- SFA: Fund managers who manage or intend to manage funds investing in cryptocurrencies must hold a Capital Markets Services license under the SFA, unless exempted. If the fund is structured as a collective investment scheme (CIS), it must comply with CIS regulations, including disclosure requirements and operational standards.
- FAA: Managers offering financial advisory services related to crypto investments must be licensed under the FAA. This includes providing advice on the suitability of cryptocurrency investments.
- PSA: If fund managers provide services involving digital payment tokens (e.g., facilitating the exchange of cryptocurrencies), they must be licensed under the PSA. This act mandates compliance with AML and CFT requirements.
- Compliance and Regulatory standards: Fund managers must implement KYC procedures, report suspicious transactions to the Suspicious Transaction Reporting Office (STRO), and meet the MAS’s fit and proper criteria, which assess their integrity, reputation, and competence. They must also have adequate risk management frameworks to manage operational risks, including those specific to crypto assets.
- Disclosure and Transparency: Managers must provide clear and accurate information to investors, including the risks associated with cryptocurrency investments. Regular reporting to the MAS is required, ensuring transparency and regulatory oversight.
- Licensing and Registration process: Applicants must submit a detailed business plan outlining their investment strategy, risk management processes, and compliance framework. The MAS evaluates the application based on the applicant’s adherence to regulatory requirements and overall suitability.
- Ongoing compliance: Licensed fund managers must undergo annual audits to ensure compliance with regulatory standards. The MAS conducts continuous monitoring and supervision to ensure ongoing adherence to regulations.
Are distributors of virtual asset funds regulated in Singapore?
In Singapore, the distribution of virtual asset funds is regulated by the MAS under the PSA and the SFA. Here are the key points of regulation:
- Licensing: Companies that distribute virtual asset funds in Singapore must obtain a license from MAS. They are also required to follow rules on minimum capital, risk management, and business conduct.
- Disclosure and Risk management: Companies must provide clear information to investors about the risks of virtual asset funds. They must also have proper risk management systems in place.
- Investor suitability: MAS emphasises the importance of ensuring that virtual asset funds are suitable for investors, especially retail investors. Companies must make sure that investors understand the risks and can afford potential losses.
- AML/CFT: Companies must follow AML/CFT regulations, such as verifying customers’ identities and monitoring transactions for suspicious activity.
- Ongoing supervision: MAS regularly inspects and monitors licensed companies to ensure compliance with regulations. Violations can result in fines or license revocations.
Following high-profile incidents such as the collapse of FTX, MAS has strengthened its regulatory framework. This includes introducing measures to restrict certain activities, such as prohibiting incentives for retail investors and requiring risk awareness assessments.
Are there requirements for intermediaries seeking to provide trading in virtual assets for clients or advise clients on virtual assets in Singapore?
In Singapore, intermediaries seeking to provide trading in virtual assets for clients or advise clients on virtual assets are subject to regulatory requirements set by the MAS. These requirements include:
- Licensing: Intermediaries must obtain a Capital Markets Services license from MAS to provide trading services or advice on virtual assets.
- Compliance: Intermediaries are required to comply with AML/CFT regulations to prevent illicit activities in virtual asset transactions.
- Risk management: Proper risk management frameworks must be in place to identify, monitor, and mitigate risks associated with trading or advising on virtual assets.
- Investor protection: Intermediaries must ensure that clients, especially retail investors, are provided with adequate risk disclosures and have a good understanding of the risks involved in virtual asset investments.
- Regulatory oversight: MAS conducts regular inspections and monitoring of licensed intermediaries to ensure compliance with regulations and protect investors.
5. Other relevant regulatory information
Are there any upcoming regulatory developments in respect of crypto-related activity in Singapore?
Singapore’s MAS is planning to introduce new rules for crypto-related activities, which will mainly focus on custodial services and cross-border transfers. These rules will require crypto service providers to maintain proper records, have effective control systems, and keep customers’ assets in a trust account.
The new regulations are expected to come into effect within six months from April 4, 2024. Existing crypto-related businesses will need to apply for a license within six months to continue their operations temporarily until their application is reviewed.
These changes aim to address regulatory gaps and promote stability in the crypto ecosystem, especially after the recent volatility and turmoil in the crypto market, such as the FTX crash.
Additionally, MAS has already introduced licensing requirements for entities providing custodial and other services, including the facilitation of cross-border money transfers and the transmission of crypto between accounts and exchanges.
MAS is working on enhancing regulatory clarity and fostering innovation in the crypto industry. For instance, it has recently allowed a crypto exchange with an automatic market-making mechanism to obtain full licenses.
Has there been any notable events in Singapore that has prompted regulatory change recently?
One of the most significant events was the collapse of the FTX cryptocurrency exchange in 2022. This incident highlighted the risks associated with the crypto industry and led to increased scrutiny and regulatory responses globally, including in Singapore.
In response to the FTX collapse and other similar incidents, the MAS announced several regulatory updates. These updates include restrictions on crypto firms offering incentives to retail investors, prohibitions on leveraged or debt-financed crypto transactions for retail clients, and mandatory risk awareness assessments for retail investors.
MAS has also introduced stringent guidelines for DPTSPs, focusing on technology risk management and operational resilience. These measures aim to safeguard against technological failures and cyber threats, ensuring that crypto service providers maintain high standards of security and reliability.
Additionally, a Singapore-based crypto exchange called DigiFT got full approval from MAS after testing their system. This is a big step towards regulated crypto trading in Singapore.
6. Pending litigation and judgments related to virtual assets in Singapore (if any)
Judgements:
- ByBit Fintech Ltd v Ho Kai Xin and others (2023): In this case, the Singapore High Court made significant rulings regarding the legal status of crypto assets. ByBit Fintech Ltd, a cryptocurrency trading platform, alleged that Ho Kai Xin, an employee, had misappropriated a substantial amount of USDT (Tether), a type of stablecoin. The court ruled that crypto assets like USDT are considered property under Singaporean law, meaning they can be legally owned, transferred, and protected. Additionally, the court established that crypto assets can be held in trust, allowing for their use in various financial transactions and arrangements. The court also affirmed that holders of crypto assets have recognisable property rights that can be enforced through court orders, providing legal remedies in cases of disputes or misappropriation.
- B2C2 Ltd v Quoine Pte Ltd [2019] SGHC(I) 03: This landmark case involved a dispute between cryptocurrency market maker B2C2 and cryptocurrency exchange Quoine. The dispute arose from a series of automated trades that B2C2 executed on Quoine’s platform, resulting in significant financial gains for B2C2 due to an error in Quoine’s software. Quoine subsequently reversed the trades, leading B2C2 to sue for breach of contract. The Singapore International Commercial Court (SICC) ruled in favor of B2C2, establishing important precedents regarding the enforceability of smart contracts and the duties of cryptocurrency exchanges.
- CLM v CLN [2022] SGHC 46: This case involved a dispute over the misappropriation of cryptocurrency assets. The plaintiff sought to recover Bitcoin and Ethereum assets from the defendant, who allegedly wrongfully transferred these assets. The court granted a proprietary injunction to freeze the defendant’s assets, demonstrating the judiciary’s willingness to extend traditional legal remedies to digital assets.
- Janesh s/o Rajkumar v Unknown Person (“CHEFPIERRE”): The Singapore High Court issued its judgment granting a worldwide freezing injunction to prevent the sale or transfer of a non-fungible token owned by Janesh, which was used as collateral for cryptocurrency loans. This landmark decision recognized NFTs as a form of property that can be protected by legal injunctions, even when the defendant is known only by a pseudonym. The court addressed several procedural issues, including its jurisdiction to hear the case despite the defendant’s anonymity and the adequacy of the plaintiff’s description of the defendant.
7. Government outlook on virtual assets and crypto-related activities in Singapore
Singapore’s government adopts a progressive yet cautious approach to virtual assets and crypto-related activities. They strive to balance innovation and potential risks, such as consumer protection and anti-money laundering. Cryptocurrencies are not considered legal money in Singapore, but they can be used as an alternative payment method.
The MAS oversees virtual assets in the country. They have established the PSA to govern digital payment token services, ensuring compliance with international standards. The PSA requires VASPs to obtain a license and follow strict AML/CFT measures, which helps maintain high security and compliance standards.
Singapore’s regulatory stance is influenced by the FATF guidelines. This ensures that Singapore’s virtual asset regulations are in line with global best practices. Here’s an analysis of how Singapore aligns with FATF provisions, categorised by fully, partially, and not complied with:
FATF Recommendation | Description | Compliance Status | Details |
---|---|---|---|
CDD and Record Keeping (R10, R11, R12) | Requirements for verifying identities and maintaining records | Fully Complied | Singapore has stringent CDD requirements for VASPs, including verifying customer and beneficial owner identities and maintaining records for at least five years. |
Suspicious Transaction Reporting (R20) | Reporting suspicious transactions to authorities | Fully Complied | VASPs are mandated to report suspicious transactions to the Suspicious Transaction Reporting Office. |
International Cooperation (R36-R40) | Cooperation with international authorities and mutual legal assistance | Fully Complied | Singapore has mutual legal assistance treaties with numerous countries and participates in global initiatives to combat financial crimes. |
Regulatory and Supervisory Regime (R26, R27) | Oversight and regulation of financial institutions | Fully Complied | The Monetary Authority of Singapore (MAS) provides robust oversight and regulation of VASPs, ensuring compliance with AML/CFT measures. |
Preventive Measures (R4-R9) | Measures to counter money laundering and terrorist financing | Fully Complied | Includes regulations on wire transfers, reliance on third parties, and internal controls to prevent money laundering and terrorist financing. |
Beneficial Ownership Transparency (R24, R25) | Transparency of beneficial ownership information | Partially Complied | Singapore has made strides in capturing beneficial ownership information but faces challenges with complex corporate structures. |
Risk Assessment and National Cooperation (R1, R2) | National risk assessments and domestic cooperation | Partially Complied | Singapore conducts national risk assessments and has mechanisms for cooperation but needs ongoing improvement to address evolving risks. |
AML/CFT Policies and Coordination (R2) | Coordination of AML/CFT policies among regulatory bodies | Partially Complied | Policies are in place, but further coordination among regulatory and enforcement bodies is needed for enhanced effectiveness. |
Virtual Assets and VASPs (R15) | Regulation of virtual assets and VASPs | Not Fully Complied | Regulations for VASPs are in place, but the rapidly evolving nature of virtual assets presents challenges in comprehensive oversight and enforcement |
New Technologies (R15) | Adaptation to advancements in financial technologies | Not Fully Complied | Continuous advancements in financial technologies require more dynamic and responsive regulatory frameworks. |
8. Advantages of setting up a VASP in Singapore
Here are the key advantages of setting up a VASP in Singapore:
- Clear regulatory environment: The MAS has established a regulatory framework for VASPs through the PSA. This clear regulatory environment helps businesses understand and comply with the rules.
- Taxation benefits: Singapore offers a competitive corporate tax rate, which is advantageous for businesses. Additionally, there is no capital gains tax in Singapore. This tax structure is particularly beneficial for VASPs dealing with digital assets.
- Extensive financial infrastructure: Singapore has an extensive financial infrastructure, with a mature financial ecosystem and strong banking infrastructure. This infrastructure can provide necessary support for VASPs. Moreover, being a global financial hub, Singapore provides easy access to international markets.
- Strategic location and connectivity: Singapore’s strategic location and connectivity are advantageous for businesses. It is located at the crossroads of Asia, providing excellent connectivity and access to major markets in the region. Additionally, its time zone overlaps with major global financial centers, facilitating seamless business operations.
- Government support for fintech innovations: The government is highly supportive of fintech innovations. It has established various initiatives to encourage the growth of the digital asset industry. There are also various grants and funding opportunities available for fintech and digital asset companies.
- Legal and operational certainty: The legal framework for VASPs in Singapore is well-defined, and the process of obtaining a VASP license is streamlined and efficient. This legal and operational certainty reduces the compliance burden for businesses.
- Highly skilled and diverse workforce: Singapore has a highly skilled and diverse workforce, with expertise in finance, technology, and regulatory compliance. The presence of world-class educational institutions ensures a continuous supply of talent equipped with the necessary skills for the digital asset industry.
- Strong emphasis on cybersecurity: Singapore places a strong emphasis on cybersecurity. It has stringent regulations and frameworks in place to protect digital asset transactions and data. The MAS provides rigorous oversight to ensure that VASPs maintain high standards of security and operational integrity.
- Enhanced credibility and consumer confidence: Singapore’s reputation as a stable and well-regulated financial center enhances the credibility of VASPs operating from the country. High regulatory standards encourage consumer confidence, which is crucial for the growth and adoption of digital asset services.