The Payment Services Act (PSA), outlines Anti-Money Laundering (AML) and Combating the Financing of Terrorism (CFT) compliance obligations for Virtual Asset Service Providers, modelled on the guidelines published by the Financial Action Task Force (FATF) in 2018. The PSA directly addresses financial crime risks related to payment technology whilst codifying previously separate payment regulations.
Any business wishing to provide payment services in Singapore must first procure a license specific to their line of business; categories include account issuance, domestic money transfer, cross‑border money transfer, merchant acquisition, e-money issuance, digital payment token, and money‑changing services.
On January 4 2021, the Payment Services (Amendment) Bill (now Act) was passed by the Singapore government, which amended and expanded the original PS Act. Notably:
1. Expanding the definitions surrounding “Digital Payment Tokens” and their services clause 7 (e), accounts clause 2, and instruments clause 7 (d).
2. Expanded scope of digital payment token (DPT) obligations, including (amongst other activities) safeguarding, monitoring, and exchange of DPTs and public disclosures (Section 21A).
3. The MAS now has new powers over DPT service providers who operate within Singapore with regard to user protection. This includes imposing protection measures, such as requiring them to protect or segregate their customers' assets from other company assets. Adhere to stringent customer data protections and safeguarding of customer DPT instruments. Companies are also called to act in the interest of the public, and also the financial systems in Singapore and its Monetary policies (Section 21A-1 & 2).
There are three different licenses for digital asset payment service providers to choose from.
Rigorous AML/CFT due diligence milestones must be accounted for when making your application for a license. Below are the primary compliance boxes companies must tick during their application process designed to demonstrate to MAS the business has sufficient policies and tools to mitigate and identify risk.
For further information about how you can manage your key compliance requirements, please email email@example.com.
Links to Key Resources: