Fintech 2025

SINGAPORE Law and Practice Contributed by: Kenneth Pereire and Lin YingXin, KGP Legal LLC

• SGX – oversees securities and tokenised asset trading, enforcing transparency and investor protection in capital markets; and • IMDA – regulates digital infrastructure and emerging technologies like blockchain, ensur - ing compliance with cybersecurity and tech - nology standards for secure operations. 2.7 No-Action Letters MAS does issues “no-action” letters, particu - larly in the context of the FinTech Regulatory Sandbox, allowing companies to test innovative products without enforcement action for certain regulatory breaches, provided they meet specific conditions. However, the SGX does not typically issue “no-action” letters but may grant exemp - tions or relief from certain listing requirements on a case-by-case basis. 2.8 Outsourcing of Regulated Functions In Singapore, the MAS has issued comprehen - sive guidelines on outsourcing for financial insti - tutions. These guidelines mandate that institu - tions rigorously evaluate vendors to ensure they can uphold a high standard of care, performing services with the same level of diligence as if conducted by the institution itself. Vendors must adhere to the institution’s obligations as a regu - lated entity, encompassing stringent require - ments related to data protection, confidentiality and regulatory compliance. When entering into outsourcing agreements, industry participants are obligated to precisely delineate the obligations, responsibilities and expectations of both parties involved in the out - sourcing arrangement. Moreover, these agree - ments must grant institutions the authority to intervene if necessary to meet their legal and regulatory obligations.

In practice, opting for outsourcing to a regu - lated entity is generally considered preferable. This choice enhances the vendor’s familiar - ity with the regulatory requirements incumbent upon the institution, as they are likely subject to analogous obligations. Consequently, outsourc - ing to a regulated entity increases the likelihood of seamless regulatory compliance within the terms of the outsourcing agreement. 2.9 Gatekeeper Liability Fintech providers in Singapore are regulated by MAS and act as “gatekeepers” , bearing signifi - cant responsibility for platform activities. They must comply with AML/CFT guidelines, imple - menting customer due diligence (CDD), Know Your Customer (KYC), and Enhanced Due Dili - gence (EDD) where necessary. Providers must also adhere to PDPA for handling personal data and report suspicious activities to the Suspi - cious Transaction Reporting Office. Additionally, fintech providers must follow MAS Technology Risk Management Guidelines, ensuring effective risk management practices to address technological risks. 2.10 Significant Enforcement Actions While enforcement actions for operating regu - lated payment services without a licence under the PSA have occurred, regulators in Singapore have yet to undertake significant enforcement actions in other key verticals, such as cryptocur - rency, wealthtech, and insurtech. However, MAS has been proactive in monitoring the develop - ments within the fintech space. The MAS Fintech & Innovation Group (FTIG) plays a crucial role in evaluating emerging fintech innovations and ensuring compliance with regulatory require - ments, offering a platform for consultation and feedback. In recent years, regulators have addressed issues such as AML non-compliance

755 CHAMBERS.COM

Powered by