Analysis of New Regulations by Monetary Authority of Singapore Strengthening the Crackdown on Shell Cryptocurrency Institutions

Coin World reports:
MAS hopes to strengthen its supervision of DTSPs that are based in Singapore but do not carry out substantial operations locally.
Author: Aiying
The Monetary Authority of Singapore (MAS) recently released proposed regulatory updates for Digital Token Service Providers (DTSPs), which has sparked widespread attention and discussion in the Web3 industry. Aiying, a consulting firm specializing in Web3 compliance services, has conducted an in-depth analysis of the background, content, and potential impact of MAS’s new regulations. This article interprets the potential impact of these new regulations on the deployment and development of Web3 enterprises in Singapore and the Asia-Pacific region.
I. MAS’s New Regulations: Cracking Down on “Shell” DTSPs
On October 4th, MAS released proposed regulatory updates regarding the licensing of DTSPs, specifically targeting so-called “shell” DTSPs. The new regulations signify a significant increase in compliance requirements and signal that Singapore’s regulation of the crypto industry will become more stringent. Since 2020, Singapore has employed strict anti-money laundering (AML) and countering the financing of terrorism (CFT) rules to screen DTSPs. This consultation proposes higher requirements in terms of compliance and the reasonableness of business models, particularly for companies that do not carry out substantial operations locally.
References:
Singapore’s “2024 Anti-Money Laundering Risk Assessment Report” – Internal and External Money Laundering Challenges, Common Money Laundering Techniques, Money Laundering Risks in Various Financial Sectors
Under the Financial Services and Markets Act (FSMB), MAS hopes to strengthen its supervision of DTSPs that are based in Singapore but do not carry out substantial operations locally. These so-called “shell” DTSPs may be used for illegal activities such as money laundering. MAS’s new regulations indicate their high regard for risk management and maintaining the reputation of Singapore’s financial system, and they plan to conduct stricter scrutiny of these DTSPs.
II. Key Acts and Their Relationships Related to DTSPs
To understand MAS’s new regulations, it is necessary to understand the relevant acts that pertain to DTSPs and their interrelationships.
Financial Services and Markets Act (FSMB): This act was passed in 2022 but specific implementation and applicability details are still under MAS’s public consultation and preparation. It aims to establish a legal framework for regulating individuals, partners, and companies providing digital token services. The FSMB expands the definition of digital token services, covering a wider range of business activities, and authorizes MAS to regulate DTSPs that use Singapore as a hub but do not have substantial business operations locally.
Payment Services Act (PS Act): This act regulates digital payment tokens (such as cryptocurrencies) and payment service providers to ensure the safe operation of these services in Singapore. PS Act has detailed requirements for licensing and compliance for DTSPs that provide payment services in Singapore. For more details, please refer to “【In-depth Analysis】Comprehensive Interpretation of Singapore’s Payment Business Regulatory Framework and Virtual Asset DPT Licensing Requirements.”
Securities and Futures Act (SFA): This act primarily focuses on the trading and regulation of capital market products, including tokenized securities and other digital assets. SFA also applies to DTSPs involved in securities-related activities.
These three acts complement each other and form the compliance requirements framework for DTSPs operating in Singapore. In simple terms, FSMB provides an overarching regulatory framework for digital token services, acting as a comprehensive umbrella, while PS Act and SFA provide more detailed guidance and requirements for different types of specific businesses (such as payments and securities).
This combination ensures that DTSPs in Singapore are subject to both macro-level regulatory standards and targeted and practical operational guidance, resulting in comprehensive and specific regulation.
III. New Requirements under the Financial Services and Markets Act
Based on MAS’s consultation paper, DTSPs seeking licensing must fulfill a series of specific requirements, including but not limited to the following:
Minimum Capital Requirement: DTSPs must hold at least SGD 250,000 in minimum capital to demonstrate their financial stability and operational commitment.
Local Compliance Team: DTSPs must establish a compliance team in Singapore, including at least one resident executive director and partner, to ensure actual management and compliance supervision capabilities locally.
Independent Audit Mechanism: DTSPs need to undergo independent audits covering aspects such as network security and financial compliance, and submit audit reports regularly to demonstrate compliance with regulatory standards.
Penetration Testing and Network Security Requirements: Companies must perform penetration testing and resolve all high-risk security vulnerabilities to ensure the security and data integrity of their technical platforms.
Independent Compliance Function: DTSPs must establish an independent compliance function in Singapore, led by a management-level compliance officer with appropriate qualifications, to ensure the independence and effectiveness of compliance work.
Audit Arrangements: Sufficient audit arrangements must be established to assess and ensure the effectiveness of compliance controls. Audits must be independent and commensurate with the scale, nature, and complexity of the business.
Office Space Requirements: Companies must have permanent office space in Singapore to facilitate MAS’s on-site inspections and regulatory supervision.
These measures undoubtedly increase compliance costs, and MAS will also conduct in-depth reviews of the reasonableness of the business models of companies that do not intend to carry out substantial operations in Singapore. This strict licensing regime aims to increase transparency and ensure the legality and compliance of fund flows but also adds to the compliance burden for Web3 enterprises. Especially for Web3 companies expanding globally, whether Singapore’s new regulations are still attractive is a key question.
The various requirements proposed by MAS may lead many companies to reevaluate their strategies for establishing a presence in Singapore.
IV. What Preparations Should Companies Make?
Aiying recommends that companies focus on the following points when facing these new regulations:
Establishment of Compliance Team: According to MAS’s requirements, DTSPs must establish a compliance team in Singapore, led by a compliance officer with suitable qualifications. Therefore, companies should plan their compliance architecture early, especially recruitment and training of local compliance personnel.
Auditing and Network Security: MAS emphasizes the importance of penetration testing and audits. Companies should ensure that their network security systems meet MAS’s standards and validate the effectiveness of compliance controls through independent audits.
Design Reasonable Business Models: For companies that wish to obtain licenses in Singapore but primarily operate in other regions, they must be able to provide MAS with a reasonable explanation of the necessity and credibility of their business models in order to obtain approval.
Capital Preparation and Risk Assessment: Companies should ensure compliance with the minimum capital requirement of SGD 250,000 and conduct comprehensive risk assessments to prepare for possible future regulatory changes.
V. Specific Implementation Timeline and Transition Policy
MAS’s public consultation on these new guidelines and requirements will continue until November 4th. Although the specific dates for the implementation of these measures have not been finalized, MAS has stated that once the measures are finalized, the public will have approximately four weeks for the transition to implement the new measures. At that time, any DTSPs operating in Singapore without an MAS license must stop or suspend their operations in Singapore.
MAS emphasizes that these new measures are crucial for safeguarding the integrity of Singapore’s financial system and aligning with evolving international digital asset standards. For observers of the crypto asset industry, the key question is whether these stringent new regulations will attract DTSPs to seek compliant operations in Singapore or deter some innovators due to high compliance costs.
This question also applies to the Asia-Pacific region, especially Hong Kong. In recent years, Hong Kong has shown active performance in the digital asset field, establishing regulatory sandboxes to support stablecoin issuers and financial institutions exploring tokenization use cases, and explicitly stating that digital asset innovation is an important driver of its financial industry’s growth. The choices Web3 institutions make regarding compliance architecture in the Asia-Pacific and even globally are crucial for long-term development, and Aiying will continue to provide professional and practical experience-sharing.