Singapore MAS expands protections to digital payment tokens

The Monetary Authority of Singapore (MAS) has issued guidelines aimed at enhancing consumer protection for users of digital payment token (DPT) services.

The Monetary Authority of Singapore (MAS) has announced significant updates to the Payment Services Act (PS Act) and related subsidiary legislation, aimed at broadening the range of payment services under its regulatory purview.

Additionally, the MAS will enforce new user protection and financial stability mandates for digital payment token (DPT) service providers. These changes are scheduled to come into effect in phases starting 4 April 2024.

Firms must apply for a license within six months

Key expansions under the PS Act now include the regulation of custodial services for DPTs, the facilitation of DPT transactions between accounts, the exchange of DPTs (regardless of direct possession by the service provider), and the facilitation of cross-border money transfers without the need for monetary acceptance or receipt in Singapore.

To ensure compliance with anti-money laundering and counter-terrorism financing, as well as user protection and financial stability, the MAS will now have the authority to impose specific requirements on DPT service providers.

Entities currently operating under the soon-to-be-expanded scope of the PS Act are required to inform MAS within 30 days from 4 April 2024.

They must apply for a license within six months to continue their operations temporarily during the MAS review process. A crucial part of this application is an attestation report, verified by a qualified external auditor, regarding their compliance with anti-money laundering and counter-terrorism financing, to be submitted within nine months from the specified date.

Entities failing to meet these new requirements must cease their regulated activities upon the amendments’ enforcement. Additionally, the amended Payment Services Regulations concerning the safeguarding of customer assets by DPT service providers will become effective six months post-4 April 2024. These regulations emphasize the segregation of customer assets into trust accounts, maintenance of accurate records, and implementation of robust systems to ensure the security and integrity of customer assets.

MAS issues guidelines on DPT services

The Monetary Authority of Singapore (MAS) has issued guidelines aimed at enhancing consumer protection for users of digital payment token (DPT) services. These guidelines are designed to foster a secure and innovative digital asset ecosystem within Singapore, emphasizing the importance of mitigating risks associated with cryptocurrencies and ensuring consumer education on these risks.

Set to take effect on 4 October 2024, the guidelines outline measures DPT service providers must adopt to safeguard customer assets and ensure sound practices. Key aspects of the guidelines include:

  • Application and Scope: DPT service providers are expected to implement the guidelines in proportion to the risks and complexities of their services. The guidelines serve as a general guide alongside other legislative and regulatory measures under the Payment Services Act 2019.
  • Definitions and Modifications: Definitions clarify terms such as “accredited investor,” distinguishing between retail and institutional customers to ensure appropriate protection levels.
  • Safeguarding Customer Assets: DPT service providers are required to segregate customer assets, maintain them in trust accounts with suitable safeguards, and manage risks effectively. This includes ensuring senior managers have the expertise to oversee these processes and that a significant portion of assets is stored in cold wallets to mitigate cyber risks.
  • Risk Management Controls: Controls must prevent unauthorized access or loss of DPT instruments and ensure senior managers in Singapore oversee the movement of customer assets.
  • Mitigating Conflicts of Interest: DPT service providers should manage conflicts between safeguarding duties and business interests, with clear policies and independent checks in place.
  • Disclosures to Customers: Providers must clearly disclose terms and conditions related to asset safeguarding, including information on risk management, storage arrangements, and processes for handling asset losses.
  • Statement of Account: Customers should receive monthly statements detailing their transactions, asset movements, and account charges, unless alternative arrangements are in place.
  • Additional Considerations for Retail Customers: The guidelines restrict certain transactions for retail customers, such as lending or staking assets, and require clear risk disclosures for transactions involving accredited investors.