O MAS quer reforçar a supervisão dos DTSPs baseados em Singapura, mas que não realizam negócios substanciais lá.
Escrito por: Aiying Ai Ying
A Autoridade Monetária de Cingapura (MAS) lançou recentemente propostas de atualizações regulatórias para provedores de serviços de token digital (DTSPs). Esta mudança gerou preocupação e discussão generalizadas na indústria Web3. Aiying, como agência de consultoria especializada em serviços de conformidade Web3, conduziu uma análise aprofundada dos antecedentes, conteúdo e impacto potencial desta nova regulamentação MAS. Interprete o possível impacto dessas novas regulamentações no layout e no desenvolvimento das empresas Web3 em Cingapura e na região Ásia-Pacífico.
I. MAS's New Regulations: Combatting 'Shell' DTSP
On October 4, MAS released proposed regulatory updates concerning digital token service providers (DTSP) licenses, especially targeting so-called 'shell' DTSP. The new regulations mean that compliance thresholds have significantly increased and indicate that Singapore's regulation of the crypto industry will become stricter. Since 2020, Singapore has screened DTSP through stringent anti-money laundering (AML) and counter-terrorism financing (CFT) rules, and this consultation raises higher demands for compliance and rationality of business models, particularly for those companies that do not conduct substantive business locally.
Reference: Singapore (2024 Anti-Money Laundering Risk Assessment Report) - Internal and external money laundering challenges, common money laundering techniques, and money laundering risk situations in various financial sectors
According to the (Financial Services and Markets Act) (FSMB), MAS seeks to strengthen regulations on DTSP that are based in Singapore but do not conduct substantive business locally. These so-called 'shell' DTSP may be used for illegal activities such as money laundering. MAS's new regulations indicate their high emphasis on risk management and maintaining the reputation of Singapore's financial system, and they plan to subject these DTSP to stricter scrutiny.
II. Main legislation and relationships involving digital token service providers
Before understanding MAS's new regulations, it is necessary to understand the current relevant legislation involving DTSP and their interrelationships.
(Financial Services and Markets Act) (FSMB): This act was passed in 2022, but the specific implementation and applicable details are still under MAS's public consultation and preparation, aiming to establish a legal framework for regulating individuals, partnerships, and companies providing digital token services. FSMB expands the definition of digital token services, covering a broader range of business activities and authorizing MAS to regulate DTSP that are based in Singapore but do not have substantial business in Singapore.
(Payment Services Act) (PS Act): This act regulates digital payment tokens (such as cryptocurrencies) and payment service providers, ensuring these services operate safely in Singapore. For DTSP providing payment services in Singapore, the PS Act has detailed requirements for their licenses and compliance. For details, please refer to (【Long Article Explanation】Comprehensive Interpretation of Singapore's Payment Business Regulatory Framework and Virtual Asset DPT License Requirements)
(Securities and Futures Act) (SFA): This legislation primarily targets trading and regulation of capital market products, covering digital assets such as tokenized securities. The SFA also applies to related activities involving securities-related DTSP.
These three pieces of legislation complement each other, forming a compliance requirements framework for DTSP operations in Singapore. In simple terms, FSMB provides an overarching regulatory framework for digital token services, covering all related services like a big umbrella, while the PS Act and SFA provide more detailed guidance and requirements for specific types of businesses (such as payments and securities). This combination ensures that DTSP operations in Singapore have both macro regulatory standards and targeted, practical operational guidelines, making regulation both comprehensive and specific.
III. New Requirement Standards of (Financial Services and Markets Act)
From MAS's consultation document, DTSP seeking to obtain a license must meet a series of specific requirements, including but not limited to the following points:
Basic Capital Requirements: DTSP must hold at least SGD 250,000 in basic capital to demonstrate its financial stability and operational commitment.
Local Compliance Team: DTSP must establish a compliance team in Singapore, including at least one resident executive director and partner, to ensure actual management and compliance supervision capabilities locally.
Independent Audit Mechanism: DTSP needs to conduct independent audits covering cybersecurity, financial compliance, etc., and regularly submit audit reports to demonstrate compliance with regulatory standards.
Penetration Testing and Cybersecurity Requirements: Enterprises need to conduct penetration testing and fix all high-risk security vulnerabilities to ensure the security of their technology platforms and data integrity.
Independent Compliance Function: DTSP must establish an independent compliance function in Singapore, led by qualified compliance officers in management, ensuring the independence and effectiveness of compliance work.
Audit Arrangements: Sufficient audit arrangements must be established to assess and ensure the effectiveness of compliance controls. Audits must be independent and commensurate with the scale, nature, and complexity of the business.
Office Requirements: Enterprises must have a permanent office in Singapore to facilitate MAS's onsite inspections and regulatory supervision.
These measures undoubtedly raise compliance costs, and for those enterprises that do not plan to conduct substantive business in Singapore, MAS will also conduct in-depth reviews of the rationality of their business models. These measures undoubtedly raise compliance costs, and for those enterprises that do not plan to conduct substantive business in Singapore, MAS will also conduct in-depth reviews of the rationality of their business models.
This strict licensing system is clearly aimed at increasing transparency and ensuring the legality and compliance of fund flows, but it also adds to the compliance burden for Web3 enterprises. In particular, for Web3 companies expanding globally, whether Singapore's new regulations remain attractive is a key question. The various requirements proposed by MAS may lead many companies to reassess their strategy of establishing a base in Singapore.
IV. What preparations should enterprises make?
Aiying recommends that in the face of these new regulations, enterprises should focus on the following points:
Establishment of Compliance Team: According to MAS requirements, DTSP must establish a compliance team in Singapore led by appropriately qualified compliance officers in management. Therefore, enterprises should plan their compliance structure early, especially in recruiting and training local compliance personnel.
Auditing and Cybersecurity: MAS emphasizes the importance of penetration testing and auditing. Enterprises should ensure that their cybersecurity systems comply with MAS standards and verify the effectiveness of compliance controls through independent audits.
Reasonable Business Model Design: For enterprises wishing to obtain licenses in Singapore but primarily operating in other regions, it is necessary to reasonably explain the necessity and credibility of their business model to MAS in order to obtain approval.
Capital Preparation and Risk Assessment: Enterprises should ensure compliance with the minimum capital requirement of SGD 250,000, while conducting thorough risk assessments to respond to potential future regulatory changes.
V. Specific implementation timeline and transition policies
MAS's public consultation on these new guidelines and requirements will continue until November 4. Although the specific date for finalizing these measures has not been clarified, MAS has stated that once measures are finalized, the public will have only about four weeks to implement the new measures. At that time, any DTSP operating in Singapore without MAS licenses must cease or suspend their operations in Singapore.
MAS emphasizes that these new measures are crucial for safeguarding the integrity of Singapore's financial system and aligning with the evolving international digital asset standards. For observers in the crypto asset industry, the key question is whether these stringent new regulations will attract DTSP to seek compliant operations in Singapore or deter some innovators due to high compliance costs.
This issue also exists in the context of the Asia-Pacific region, particularly in Hong Kong. In recent years, Hong Kong has actively engaged in the digital asset space, establishing regulatory sandboxes to support stablecoin issuers and financial institutions exploring tokenized use cases, clearly stating that digital asset innovation is a significant driver of growth in its financial sector. How institutions of Web3 choose to structure compliance in the Asia-Pacific region and globally is crucial for long-term development. Aiying will continue to provide professional and practical experience sharing.
FSMB Act: https://www.mas.gov.sg/-/media/mas-media-library/publications/consultations/amld/2024/dtsp-consultation---final-for-publication.pdf