Learn about compliance requirements and licensing procedures
Singapore has a system for regulating crypto firms, known as “digital payment token (DPT) providers” in the country. Accordingly, the Payment Services Act (PSA) establishes a regulatory framework for DPT service providers in Singapore.
To help you navigate Singapore’s crypto environment, we at Sumsub prepared this guide explaining the specifics of the country’s regulations.
Crypto in Singapore is not considered legal tender, but it can be used as an alternative means of payment.
The main law regulating crypto businesses is the Payment Service Act (PSA). It was introduced in 2019 to provide a more coherent set of regulations, including rules for licensing and exemptions. We will discuss this part in detail in the following sections.
The Monetary Authority of Singapore (MAS) is continuously working to improve the regulatory framework of DPT services in the country, issuing several Notices and Guidelines aimed to clarify some regulatory requirements:
In May 2023, the MAS issued its Consultation Paper on Proposed Amendments to Payment Services Regulations 2019.
On July 3, 2023, the MAS announced new requirements for DPT services to safekeep customer assets under a statutory trust before the end of the year. This will mitigate the risk of loss or misuse of customer assets, and facilitate their recovery in the event of the DPT insolvency. MAS then carried out a public consultation on the draft legislative amendments to the Payment Services Regulations to put the July requirements into effect (consultation was closed on August 3, 2023).
In Singapore, DPT services include:
The 2021 Amendment Act proposes to expand the definition of DPT services to entities:
It should be noted that the Act is not in force yet.
DPT providers in Singapore must implement AML/CFT procedures and policies, including:
Additionally, payment service providers—which include DPT providers—shall develop and implement adequate internal policies, procedures, and controls to help prevent money laundering and terrorist financing and communicate these to their employees.
DPT service providers are required to develop appropriate compliance management arrangements, which at the least includes appointing an AML/CFT compliance officer at the management level.
DPT service providers are required to maintain an audit function that is adequately resourced, independent, and able to regularly assess the effectiveness of their internal policies, procedures, controls, and compliance with regulatory requirements.
DPT service providers should take all appropriate steps to ensure that their employees and officers (whether in Singapore or elsewhere) are regularly and appropriately trained on AML/CFT regulations, internal policies, procedures and controls on AML/CFT.
As part of their AML obligations, DPT service providers must comply with the Travel Rule as imposed by the MAS in accordance with FATF requirements.
The Travel Rule requires DPT service providers to collect and share the personal information of clients when sending or receiving DPTs by value transfer on the account of an originator or beneficiary. Therefore, DPT service providers must provide sender and recipient data to each other during transactions.
This rule also applies to payment service providers in cases of:
If you want to learn more about the Travel Rule and how it’s applied in different counties, including Singapore, you can find all the necessary information at our Help Center.
The scope of information that originators are required to share with the beneficiary provider depends on the transaction amount. If the amount of transaction is less than S$1,500 (approximately $1,106), the provider should collect and share the following information:
If the transaction amount exceeds S$1,500, any of the following information may be required:
The actions required in relation to non-hosted wallets, incomplete or missing information, and more can be found in our Help Center.
There are three types of licenses a company can get in Singapore, depending on their business type:
There may be some additional authorization/recognition requirements in relation to businesses offering digital tokens.
For Standard Payment Institutions (SPI), the following criteria apply:
The criteria for a Major Payment Institution (MPI) license are similar to those for SPIs, except that the minimum capital requirement is S$250,000 (approximately $184,300).
There is a list of assessment criteria that MAS takes into consideration when evaluating an application for licenses. They include, but are not limited to:
You can read more about the differences in assessment criteria between each license here.
It should be noted that DPT service providers could be granted an exemption from holding a licence under the Payment Services Act (“PS Act”) for a specified period. This exemption will cease after a specified period or, if the entity submitted a licence application under the PS Act, on the date that the application is approved or rejected by MAS or withdrawn by the applicant. More detailed information about this exemption can be found here.
Yes, provision of DPT services (services with cryptocurrencies) are regulated by the Monetary Authority of Singapore. DPT service providers must be licensed or exempted.
The Monetary Authority of Singapore (MAS) is Singapore’s central bank and integrated financial regulator. The MAS has powers to issue legal instruments for the regulation and supervision of financial institutions.
A platform that facilitates trading in Singapore may require a license. Whether it needs a license or not will depend on the functionality of the platform.
There have been no laws introduced recently. However, the MAS is carrying out consultations regarding amendments to the PSA. In addition, it has issued consultation documents and investor protection measures.