“Financial Services and Markets Bill” – Second Reading Speech by Mr Alvin Tan, Minister of State, Ministry of Culture, Community and Youth & Ministry of Trade and Industry, and Board Member of MAS, on behalf of Mr Tharman Shanmugaratnam, Senior Minister and Minister-in-charge of the Monetary Authority of Singapore, on 4 April 2022
1. Mr Speaker, Sir, on behalf of the Prime Minister, I beg to move, “That the Bill be now read a second time”.
2. Sir, the financial sector is dynamic and rapidly evolving, driven by innovation, digitalisation and the design of new products and services. The sector has transformed significantly in recent years, in terms of the types of transactions, and the persons, institutions and technology conducting these transactions.
3. We must ensure that MAS keeps abreast of these developments and equip it with the tools to facilitate the development of these new products and services while managing the risks involved. There are two key angles in this Bill that improve MAS’ effectiveness in doing so. First, it enhances MAS’ regulatory and enforcement framework across the financial sector, besides rules designed for each segment of the sector. We will consolidate some of MAS’ powers on similar issues which are currently spread across various Acts into one single Bill - for instance, the proper management of technology risk and measures to instill proper conduct amongst professionals in the financial sector. Second, it addresses regulatory challenges presented by the digitalisation and transformation of the financial market.
4. Let me speak briefly on why these are needed and important improvements. First, the need to enhance sector-wide regulatory effectiveness.
5. MAS presently regulates the financial sector through various Acts, each of which focuses on specific sectors and activities. For example, the Securities and Futures Act regulates the capital markets and its participants, while the Insurance Act deals with the activities of insurance firms and agents, amongst others. Because the regulatory framework is structured in this manner, certain MAS powers, such as the power to issue prohibition orders (POs), or the power to impose technology risk management requirements, can be found in different Acts, sometimes in differing forms. They may also not be found in all the MAS-administered Acts. For instance, the current powers to issue POs only apply to persons who provide capital markets services, financial advisory services or insurance services. This is clearly not comprehensive enough, as it leaves out other traditional sectors such as banking, as well as newer sectors like payment services.
6. There are also other powers in the MAS Act which cut across the different sectors within the financial sector, such as those relating to anti-money laundering and countering the financing of terrorism (AML/CFT), the resolution of FIs in distress and financial industry dispute resolution schemes. These powers will now be housed under the FSM Bill, which acts as an omnibus Bill.
7. Sir, as I mentioned, the second key angle of the Bill is digitalisation, which is fundamentally transforming the financial sector. For example, vastly more financial transactions are now conducted digitally through mobile applications, and virtual assets such as Bitcoins and non-fungible tokens (NFTs) are becoming more common globally.
8. MAS is committed to facilitating the growth opportunities presented by digital finance, and the cheaper and more convenient services it often brings for consumers, while guarding against new risks.
9. These digital transformations could disrupt and challenge existing regulatory frameworks which were designed for more traditional forms of financial transactions and services. For example, digital token service providers (DT service providers) could easily structure their businesses to evade regulation in any one jurisdiction, as they operate mainly online. We could be exposed to reputational risks brought by DT service providers created in Singapore, and which provide services relating to virtual assets such as Bitcoin outside Singapore. The FSM Bill seeks to mitigate such risks by licensing these players and imposing AML/CFT requirements on them. The Bill also enhances MAS’ powers to ensure that FIs bolster the security and resilience of digital services.
10. In short, to continue safeguarding Singapore’s financial stability and maintaining public confidence in our financial sector, we must update our regulatory and enforcement framework to plug existing gaps and keep up with new risks emerging from an increasingly integrated, digitised and complex financial market.
11. MAS has consulted both the industry and the public, and received broad support for the FSM Bill. MAS has incorporated the feedback received into the FSM Bill, where appropriate.
12. Sir, I will now go through each of the 4 key aspects of the FSM Bill, starting with the power to issue prohibition orders.
(A) Harmonised and expanded power to issue POs
13. The Bill provides MAS with broader powers to impose POs against persons who have shown themselves to be unfit to perform key roles, activities and functions in the financial industry.
14. POs are issued in cases of serious misconduct, such as to individuals who have been convicted of fraud or dishonesty in respect of their dealings with customers. The issuance of such POs can also deter others from committing similar lapses.
15. However, there are limitations to MAS’ current PO powers. MAS can only issue POs to certain specified persons under the Financial Advisers Act (FAA), Securities and Futures Act (SFA), and the Insurance Act (IA), such as trading representatives and insurance agents. However, there are people who work in the financial industry who do not fall within the existing categories. For example, it would not be possible to issue a PO to a bank manager unless he is also a person to whom POs may be issued under any of the three previously mentioned Acts.
16. Furthermore, while MAS has been decisive in issuing POs to individuals who have committed serious misconduct, such as in the 1MDB case, its powers have only enabled it to prohibit individuals from carrying out key regulated activities under the three Acts, such as providing financial advisory services. MAS’ existing powers do not extend to prohibiting persons from carrying out other activities, including providing payment services, or conducting other important functions in the financial industry, such as risk management or compliance, and the administration of critical systems.
17. The FSM Bill broadens the categories of persons who may be subject to POs, rationalises the grounds for issuing POs (from a list of specific criteria to a single fit and proper test) and widens the scope of prohibition to cover functions critical to the integrity and functioning of FIs. The revised PO powers are broadly aligned with those in Australia, Hong Kong, UK and US.
18. MAS will continue to exercise its PO powers judiciously, taking into account the nature and severity of each misconduct, and its actual and potential impact on trust in our financial sector. Existing checks and balances will continue to apply. Before MAS issues a PO to any person, the person has the opportunity to make representations to MAS. If MAS proceeds with issuing a PO, the person has the right to appeal to the Minister.
(B) Enhanced regulation of DT service providers for money laundering and terrorist financing risks
19. Next, I will speak on the enhanced regulation of DT service providers for money laundering and terrorist financing (ML/TF) risks.
20. The Financial Action Task Force (FATF) has strengthened international standards for virtual asset service providers (VASPs) in June 2019 for this purpose. We have already made amendments to existing legislation to implement these enhanced standards. VASPs are termed as digital token service providers for the purposes of the FSM Bill and I shall refer to them as DT service providers. Entities that conduct the business of providing digital token (DT) services in Singapore are subject to current legislation regardless of where they are established. However, DT service providers created in Singapore without providing any DT services in Singapore are currently unregulated for AML/CFT. Further, these entities may claim to be headquartered here to take advantage of Singapore’s global reputation. This creates reputational risks for Singapore.
21. This regulatory lacuna is global. Where a DT service provider established in one jurisdiction does not provide services in that jurisdiction but offers its services digitally to other markets, the gap in the current global regulatory framework leads to no single jurisdiction having sufficient regulatory hold over the DT service provider for its ML/TF controls. To close this gap, the enhanced FATF standards require DT service providers to be at least licensed or registered in the jurisdictions(s) where they are created.
22. Persons that provide DT services in Singapore will continue to be regulated under existing MAS-administered Acts. The FSM Bill will regulate all persons in Singapore who conduct a business of providing DT services purely outside Singapore, if they are created in or operate their business from Singapore.
23. The FSM Bill will regulate such DT service providers as a new class of FIs, primarily for ML/TF risks. The FSM Bill will introduce licensing requirements and general powers over DT services providers, including powers for MAS to conduct AML/CFT inspections, and render assistance to domestic authorities and MAS’ foreign AML/CFT supervisory counterparts.
24. MAS will also impose other requirements on DT service providers, such that they have a meaningful presence in Singapore and MAS has adequate supervisory oversight over them. The AML/CFT requirements imposed on DT service providers will be aligned with the requirements imposed on digital payment token service providers regulated under the Payment Services Act.
(C) Harmonised power to impose requirements in technology risk management
25. Sir, I will now speak on the harmonised power to impose requirements in technology risk management (TRM). The Bill consolidates existing TRM requirements made under various MAS-administered Acts by introducing powers within the FSM Bill that apply to any FI or class of FIs. The powers will enable MAS to impose requirements in TRM, as well as in the safe and sound use of technology to deliver financial services and protect data.
26. As I mentioned earlier, FIs today rely heavily on technology to deliver financial services. However, the current maximum penalties that can be imposed for breaches of TRM requirements are not commensurate with the potential widespread impact to FIs’ customers and the financial industry that could result from such breaches. With the passing of the FSM Bill, the maximum penalty for each breach of a TRM requirement will be raised to $1 million per breach. A technology event which impacts an FI’s customers or other industry participants could involve breaches of several TRM requirements. This means that an FI could face a much higher than $1 million financial penalty for a serious cyberattack or disruption to essential financial service where multiple breaches of TRM requirements are established (e.g., ATM network disruption, online trading disruption).
27. The quantum proposed is intended to underscore the critical importance of TRM to FIs’ operations and the sound functioning of the financial system. The quantum was derived after considering existing penalty regimes of other jurisdictions and Singapore Government agencies. For example, a contravention of the relevant provisions in the Telecommunications Act and Personal Data Protection Act can attract a financial penalty of $1 million. In Hong Kong, a breach of data protection requirements can result in a financial penalty of HKD $1 million. In addition to the penalty imposed for a breach of TRM requirements, MAS is empowered to take other supervisory actions, such as requiring FIs to set aside additional regulatory capital until MAS is satisfied that adequate technology risk control measures have been put in place to address deficiencies.
(D) Statutory Protection from liability for mediators, adjudicators and employees of operator of approved dispute resolution scheme
28. Lastly, let me speak on the statutory protection from liability for mediators, adjudicators and employees of an operator of an approved dispute resolution scheme.
29. Presently, an adjudicator, employee, officer or representative of the Financial Industry Disputes Resolution Centre Ltd, or FIDREC, which operates an approved financial dispute resolution scheme, is contractually conferred certain protection from claims by a complainant or FI.
30. The FSM Bill will provide statutory protection for such persons. This will strengthen the confidence and autonomy of these individuals when they carry out their duties and align the level of protection for them more closely with that of other public dispute resolution bodies in Singapore and internationally.
31. They will be protected from liability if they acted with reasonable care and in good faith in the course of mediating or adjudicating a dispute. They will, however, continue to be liable for acts involving wilful misconduct, negligence, fraud or corruption.
32. Mr Speaker, Sir, in conclusion, the FSM Bill will enable and empower MAS to respond more effectively to the opportunities and challenges posed by a dynamic and rapidly evolving financial sector, and position Singapore to strengthen our role and reputation as a safe, trusted and innovative global financial centre.
33. Sir, I beg to move.