MAS Proposes New Regulations Amid Emerging Risks Arising from Digital Assets

MAS Proposes New Regulations Amid Emerging Risks Arising from Digital Assets

by August 3, 2020

Singapore’s central bank, the Monetary Authority of Singapore (MAS), is proposing new regulations that it would give it more power to regulate the financial services industry, notably in the fields cybersecurity and virtual assets, the regulator said on July 21.

The new act would introduce new regulations for virtual asset service providers created in Singapore for anti-money laundering and countering of financing of terrorism (AML/CFT) purposes, and would expand MAS’s power to impose requirements on technology risk management.

The proposed regulations would also allow MAS to issue prohibition orders to individuals deemed unsuitable to work in the financial industry, and would provide statutory protection to mediators, adjudicators and others involved in facilitating resolution via approved channels.

Proposed new rules on digital token providers

MAS is proposing to expand the scope of existing regulations part of the Payment Services Act 2019 (PS Act) that already cover digital token services providers in Singapore.

The new rules would regulate persons and entities in Singapore that provide digital token services overseas, requiring them to get appropriately licensed and be put under MAS’s supervisory oversight.

The provisions are targeted at companies created in Singapore but which do not perform any activity involving digital tokens in the country. Companies affected could be exchange platforms, brokering services, money transmitters, custody services providers, and advisory services relating to the offer or sale of digital tokens, among others, MAS said in a consultation paper on the new omnibus act.

The paper also outlines numerous requirements these companies would need to comply with, including having “a meaningful presence” in Singapore, adequate AML/CFT compliance procedures, as well as financial requirements.

For existing digital token service providers in Singapore operating overseas, MAS said it plans to exempt them from the need to apply for a license for a specific period.

In Asia, Singapore has emerged a key hub for crypto and blockchain innovation with MAS itself having been actively exploring the potential of the technology since late-2016. In January this year, the PS Act came into effect, providing intermediaries dealing with cryptocurrencies with a regulatory framework.

Tackling emerging technology risks

As Singapore aims to become a “Smart Nation” with a “Smart Financial Centre,” ensuring the safety and soundness of the systems that support these ambitions will be key for the nation to reach its goals, MAS said in the consultation paper.

To meet the new challenges arising from the pervasive use of information technology and growing sophistication of cyber threats, MAS wants to expand its existing powers to impose requirements related to technology risk management, including cybersecurity risks and data protection, on regulated financial institutions.

The new rules would also allow it to issue directions and make regulations pertaining technology risk management.

Additionally, MAS is proposing to increase the maximum penalty to S$1 million for any contravention of the requirements.

In 2019, cybercrimes accounted for 26.8% of all crimes in Singapore, according to Singapore Cyber Landscape 2019 report released in June by the Cyber Security Agency of Singapore (CSA). Some 9,420 cybercrime cases were reported last year, representing a 51.7% increase from the year prior.

With COVID-19 forcing businesses to move online, the CSA predicts that the volume of cyber security incidents will likely increase. Additionally, rapid adoption of technologies including artificial intelligence (AI), 5G and the Internet-of-Things (IoT) is bringing in new cyber risks that must be dealt with adequately.

“As one of the most connected countries in the world, Singapore remains a target for cyberattacks and cybercrime,” said David Koh, CSA’s chief executive and commissioner of cybersecurity. “Threat actors have continued to evolve their tactics, resulting in an intensification of malicious cyber activities in 2019 … The ongoing COVID-19 pandemic has also provided new opportunities and attack surfaces for them to capitalize on.”

MAS is welcoming comments on the proposed regulations until August 20, 2020.