Singapore has taken a definitive step forward in digital asset regulation via its Singapore DTSP licensing framework. The Monetary Authority of Singapore (MAS) released its final position on the proposed regulatory regime for Digital Token Service Providers (DTSPs), under the Financial Services and Markets Act 2022 on 30 May 2025.
Effective 30 June 2025, the new Singapore DTSP licensing framework significantly tightens compliance expectations for Singapore-based and Singapore-incorporated entities providing digital token services. This move firmly signals that Singapore is no longer willing to serve as a base for offshore crypto operators that evade domestic oversight.
MAS has also clarified with an updated media release on 6 June 2025 that this new regime applies only to digital token services involving digital payment tokens and digital representations of capital market products. Providers of services with other tokens, such as utility tokens or governance tokens, are not subject to regulation under this framework.
Importantly, MAS specified that this licensing requirement targets entities that serve solely overseas customers. Providers that already serve Singapore customers are already regulated under existing legislation (e.g. Payment Services Act, Securities and Futures Act) and may continue to serve both local and overseas clients.
Here are the most important shifts digital token businesses need to understand now.
Why Now? MAS’s Regulatory Calculus
MAS’s decision to act decisively now is grounded in its growing concern over the money laundering and terrorism financing risks posed by such operations, especially given their cross-border and internet-based natures.
Digital token service providers, by design, operate across borders and often without the same checks that apply to traditional financial firms. This makes them especially vulnerable to being used for money laundering or terrorism financing.
When those firms are set up in Singapore but serve clients elsewhere, any wrongdoing, even if it happens offshore, can still damage Singapore’s reputation.
By tightening its regulatory perimeter and requiring licenses for even overseas-facing DTSPs, MAS is making it clear: if you’re using Singapore as a base, you’re expected to meet Singapore’s standards. The approach is measured, but firm.
Even If You Serve Overseas, You Still Need a Licence
MAS now mandates that any Singapore-based or incorporated entity offering digital token services to overseas clients must secure a DTSP licence. The move closes a long-standing regulatory loophole and brings Singapore closer in line with standards like the Financial Action Task Force.
MAS clarified that it will generally not issue licences to such entities, citing elevated money laundering risks and the lack of effective supervisory reach when activities are conducted solely outside Singapore. Also, based on its initial response to feedback received on its regulatory approach, applicants must also prove compliance in the jurisdictions where they operate.
No Grace Period for DTSPs to Comply
MAS has taken a hardline stance: there will be no transitional relief for unlicensed Digital Token Service Providers (DTSPs). All Singapore-incorporated or Singapore-based entities providing digital token services to overseas clients must suspend or cease operations by 30 June 2025 unless licensed.
This firm position once again stems from MAS’s concerns over the elevated money laundering and terrorism financing risks associated with DTSPs.
Due to their internet-based and cross-border nature, these providers often operate with little or no connection to Singapore, raising the stakes for reputational damage if they are exploited for illicit activities.
Instead, a four-week commencement notice is given. It will require DTSPs to suspend or cease all digital token services by 30 June 2025.
MAS clarified that this position has been consistently communicated since its first consultation response in February 2022, and reiterated in October 2024 and May 2025. Furthermore, MAS has already reached out to the small number of providers likely to be affected and is encouraging them to wind down operations in an orderly manner.
High Bar for Entry with Flat Capital and Licence Fees
MAS has confirmed that all DTSPs will be subject to a flat minimum capital requirement of S$250,000 and an annual licence fee of S$10,000. This is regardless of company size, business model, or the number of digital token services offered.
This uniform structure mirrors the existing framework for Digital Payment Token Service Providers, where fixed fees apply across the board.
MAS emphasised that these financial thresholds are meant to ensure that applicants are committed to maintaining a meaningful presence in Singapore and able to withstand sudden operational or market shocks.
In effect, firms must demonstrate they have the operational and financial stability to meet the regulatory expectations, especially in managing technology and cyber risks inherent to distributed ledger-based services.
For smaller firms and early-stage crypto startups, these requirements could present a high barrier to entry.
Stricter Rules and Guidelines on Money Laundering and CDD
DTSPs must meet new standards to fight money laundering and terrorism financing. This includes carrying out customer due diligence (CDD), even on clients who were onboarded before they got licensed.
MAS shared that it won’t set a fixed deadline for this. Instead, it will decide timelines case by case and at the point of licensing, depending on each licensee’s customer risk profile.
Next, firms also need to be ready for future changes to CDD requirements. MAS said that it will not specify when licensees must update initial CDD for existing customers in the FSM-N27 Notice, as this will largely depend on the subsequent revisions of CDD requirements relate to.
MAS will, however, provide guidance, including a list of non-exhaustive considerations which licensees should adhere too. DTSPs are expected to have internal checks in place to decide when updates are needed to comply with the revisions.
Thirdly, MAS has decided that licensed payment service providers and financial institutions, even those licensed and supervised overseas for AML/CFT compliance, cannot be treated as “third parties” under the FSM-N27 Notice. This means DTSPs are not allowed to rely on them to carry out customer due diligence.
If a DTSP wants to rely on any third party for CDD, it must have proper internal processes to assess whether that party is suitable. This includes doing due diligence checks to make sure the third party meets the required standards.
Mandatory Tech Safeguards and Rapid Incident Reporting
Under MAS’s proposed rules, DTSPs must ensure their critical IT systems are reliable, available, and able to recover quickly from disruptions. They must also put strong controls in place to protect customer data from unauthorised access or leaks.
Licensees would also need to provide incident details to MAS within one hour. MAS clarified that its one-hour rule is meant to give the regulator early warning so it can assess potential risks to the wider industry and public. MAS added that further details can be shared after the initial alert.
In terms of cyber hygiene, MAS will require DTSPs to meet basic security standards, such as securing admin accounts, applying security patches, applying anti-malware measures, and strengthening user authentication.
While these baseline measures are mandatory, MAS also expects DTSPs to follow broader best practices outlined in its existing technology risk guidelines.
Clear Conduct Standards and Transparent Risk Warnings
DTSPs must follow strict business conduct rules, including maintaining minimum operating hours and providing transparent, multilingual risk disclosures, especially about the risk of customers being unable to recover their funds in the event of firm failure.
MAS clarified that minimum operating hours are required to ensure the public, including customers, regulators, and law enforcement, can contact the DTSP when needed. These requirements apply equally to all DTSPs, regardless of business size or structure, as outlined in its updated Singapore DTSP licensing framework.
When it comes to disclosures, MAS will not mandate how many languages firms must use, but expects licensees to assess their customer base and decide what’s necessary to ensure risks are clearly understood. Firms must also avoid overstating their regulatory status.
If any public materials misrepresent the scope of MAS oversight, licensees must act promptly to correct the errors and consider informing customers, depending on the impact. While MAS expects firms to have internal processes in place to handle these situations, it does not plan to introduce further requirements for now.
What This Means for the Future of Digital Asset Regulation
The updated Singapore DTSP licensing framework draws a clear boundary. The message is not about restriction, but about responsibility. Firms that have relied on Singapore’s credibility while operating beyond its regulatory reach will now need to make a choice: get licensed, restructure, or exit.
As of 6 June 2025, MAS reaffirmed that only a very small number of DTSPs are impacted. These providers must cease all regulated activities involving overseas clients by 30 June 2025 unless licensed under the new DTSP framework.
Note: This article was updated on 9 June 2025 to reflect clarifications issued by the Monetary Authority of Singapore on 6 June 2025 regarding the scope and application of the DTSP licensing framework.
Featured image: Edited by Fintech News Singapore, based on image by EyeEm via Freepik
