Reply to Parliamentary Question on regulations governing digital advisors
QUESTION NO 1425
NOTICE PAPER 1846 of 2019
FOR WRITTEN ANSWER
Date: For Parliament Sitting on 7 October 2019
Name and Constituency of Member of Parliament
Miss Cheng Li Hui, MP, Tampines GRC
To ask the Prime Minister (a) whether there is a need to strengthen regulations governing digital advisors in order to better protect the interests of Singaporean investors; (b) whether the current MAS guidelines have resulted in the establishment of adequate and robust frameworks by digital advisors to manage technology and cyber risks; and (c) what mechanism is in place for the Government to ensure compliance with the regulations and effective adoption of the guidelines.
Answer by Mr Tharman Shanmugaratnam, Senior Minister and Minister in charge of MAS:
1. Financial advisory services are regulated under the Financial Advisers Act (FAA).Under the Act, digital advisers conducting similar regulated activities as brick-and-mortar entities are subject to the same rules.
2. In addition, MAS has issued guidelines to clarify how relevant FAA regulations should be applied to digital advisers. For example, under the FAA, financial advisers must have a reasonable basis for product recommendations to customers. In the digital world where advice is generated by algorithms, digital advisers must put in place methodologies to test and monitor the performance of algorithms. Digital advisers must also be staffed by persons who have the competency and expertise to develop, review and test the methodology of the algorithms. Where appropriate, MAS will also require digital advisers to undergo a post-authorisation audit covering the governance and control of their algorithms.
3. Another example is the guidelines on outsourcing. Digital advisers may outsource the development and maintenance of their algorithm-based tools or back-end activities, but they remain responsible for the risks of these outsourced activities and have to observe MAS’ guidelines on Outsourcing and Technology Risk Management (TRM). The TRM guidelines set out IT risk management principles and best practices to strengthen their cyber resilience and guard against cyber-attacks.
4. MAS also supervises financial institutions, including digital advisers by conducting offsite reviews and onsite inspections. We assess the robustness and effectiveness of systems to mitigate market conduct, technology and cyber-security risks, and require financial institutions to rectify any weaknesses discovered.
5. There is hence an effective regulatory and supervisory framework to supervise digital advisers, but MAS continues to review and improve the system.