SINGAPORE Trends and Developments Contributed by: Adrian Ang and Benjamin Samynathan, Allen & Gledhill LLP
• Finally, the Enablers section underscores the importance of foundational capabilities, such as upskilling the workforce, fostering a risk-aware culture, and maintaining high standards of data management. Concurrently, MAS issued a consultation paper on Guidelines on AI Risk Management on 13 November 2025. The public consultation, which was accompa - nied by a draft of the guidelines, closed on 31 January 2026. The draft guidelines outline MAS’ supervisory expectations for financial institutions (FIs) regard - ing the responsible use of AI and aim to establish a framework that addresses the risks associated with AI adoption, including Generative AI and AI agents, while enabling innovation. The guidelines apply to all FIs in Singapore but are designed to be applied pro - portionately based on the institution’s size, the nature of its activities, and the risk profile of the specific AI use case. The guidelines are structured around four main areas. • AI oversight – the board and senior management are expected to establish and implement clear governance structures, policies and processes and foster a risk culture that supports the respon - sible use of AI within the organisation. FIs should integrate AI risk management into their existing risk management frameworks. • AI risk management systems and processes – FIs are required to maintain an accurate and compre - hensive inventory of all AI use cases within the firm. FIs must assess the risks of their AI models. The guidelines propose a framework for assessing materiality based on three dimensions: impact (the potential consequence of the AI’s failure or mis - use); complexity (arising from technology, novelty or data); and reliance (the degree of human involve - ment or oversight in the process the AI system or model supports). • AI life cycle controls – FIs must implement robust controls throughout the AI life cycle (development, deployment and maintenance). Key control areas include: (a) data management (eg, ensuring data quality, representativeness and fitness for purpose); (b) transparency and explainability (eg, determin - ing the extent of transparency and explainabil -
ity required of an AI use case, system or model according to its assessed risk materiality, and establishing the relevant controls accordingly); (c) fairness (defining fairness objectives and im - plementing controls to mitigate bias); (d) human oversight (eg, maintaining appropriate levels of human-in-the-loop or human-over- the-loop oversight); (e) third-party risk (eg, ensuring that onboard - ing, development and deployment controls for third-party AI are adequate for the risk mate - riality of the use case, system or model which uses or depends on third-party AI); (f) selection (considering the objectives and risks of an AI use case, system or model when se - lecting AI algorithms or features); and (g) evaluation and monitoring (eg, the conduct of relevant evaluation and testing that is propor - tionate to the assessed risk materiality of the AI use case, system or model). • Capabilities and capacity – FIs must ensure that staff involved in AI development and governance have the necessary skills and expertise. Technol - ogy infrastructure must be robust and resilient to support AI operations securely. In January 2026, the Infocomm Media Development Authority released the Model AI Governance Frame - work for Agentic AI, positioning Singapore as one of the first jurisdictions to issue a framework for reliable and safe agentic AI deployment. This national-level framework is built on four core pillars: • assessing and bounding the risks upfront by selecting appropriate agentic use cases and placing limits on agents’ powers such as agents’ autonomy and access to tools and data; • making humans meaningfully accountable for agents by defining significant checkpoints at which human approval is required; • implementing technical controls and processes throughout the agent lifecycle, such as baseline testing and controlling access to whitelisted ser - vices; and • enabling end-user responsibility through transpar - ency and education/training.
749 CHAMBERS.COM
Powered by FlippingBook