The Evolving Landscape Of Digital Token Regulation In Singapore

Singapore, a global financial hub, has consistently demonstrated its commitment to fostering innovation while maintaining a robust and secure regulatory environment. The introduction of the Financial Services and Markets Act 2022 (FSMA) marked a pivotal moment in this endeavour, particularly concerning the regulation of digital token (DT) services which takes effect on 30 June 2025.

Introduction to the FSMA

The FSMA introduces a new licensing regime (particularly for service providers that provide digital token services outside of Singapore from a place of business in Singapore). These services include, but are not limited to:

Transactions of DTs
Facilitating the exchange of DTs
Transferring DTs
Soliciting or attempting to solicit DT transactions
Safeguarding of DTs
Advisory services related to DTs

The new FSMA also details the general powers of the Monetary Authority of Singapore (MAS) over financial institutions, encompassing inspection authorities and provisions addressing critical areas such as anti-money laundering and countering the financing of terrorism (AML/CFT), technology and risk management, and general business disclosures and conduct. It also allows MAS to issue significant penalties such as fines and imprisonment as well as Prohibition Orders (POs) that will prohibit business or individuals from providing such services for non-compliance.

Phased Implementation of the FSMA and the DTSP Provisions

The implementation of the FSMA has been staggered:

Phase 1 (Commenced 28 April 2023): This phase involved migrating MAS's general powers over financial institutions from the Monetary Authority of Singapore Act 1970 (MAS Act) to the FSMA. This included provisions on MAS's general powers, the AML/CFT framework, and financial dispute resolution schemes.
Phase 2A (Commenced 10 May 2024): Introduced new provisions on technology and risk management, as well as provisions relating to the control and resolution of financial institutions.
Phase 2B (Commenced 31 July 2024): Implemented MAS's harmonized and expanded power to issue prohibition orders.

Most recently, on 30 May 2025, the Financial Services and Markets Act 2022 (Commencement) Notification 2025 was published. This critical development brings into operation, on 30 June 2025, specific provisions related to DTSPs, including Part 9 and relevant sections and schedules of the FSMA.

A significant aspect of this commencement is the absence of a transitional arrangement for DTSPs. This means that DTSPs subject to licensing under the FSMA must either suspend or cease carrying on a business of providing DT Services by 30 June 2025.

Regulatory Stance to DTSPs Under the FSMA

Through the DTSP Provisions, MAS aims to regulate DTSPs that are individuals, partnerships, or Singapore corporations operating from a place of business in Singapore, or formed/incorporated in Singapore, but which primarily provide DT Services outside Singapore.

Crucially, MAS' stance is that it will only consider granting a license under section 138 of the FSMA (DTSP Licence) in "extremely limited circumstances." This cautious approach stems from the inherent money laundering and terrorism financing risks associated with such cross-border operating models and the reputational damage that it does to Singapore if a lenient approach is taken.

This stringent approach also takes into account the existing regulatory landscape, where in most cases, persons operating from a place of business in Singapore or formed/incorporated in Singapore will already carry on a business of providing DT Services in Singapore. Such entities are subject to existing regulatory frameworks under the Payment Services Act 2019 (PSA), the Securities and Futures Act 2001 (SFA), or the Financial Advisers Act 2001 (FAA). These entities would generally be exempted under section 137(5) of the FSMA, meaning they do not need to obtain a separate DTSP Licence for activities already covered by their existing licenses or exemptions under the SFA, FAA, or PSA.

Key Requirements for DTSP Licensees

Ahead of the 30 June 2025 commencement date, MAS has published finalized versions of the subsidiary legislation, notices, and guidelines relating to the DTSP Provisions. These documents outline the specific requirements for DTSP Licensees, covering various operational and compliance aspects:

1. DTSP Licence Fees and Financial Requirements

Financial Requirements: The minimum financial requirements are as follows:
- For companies, a base capital of $250,000
- For partnerships (including limited liability partnerships), a total capital contribution of $250,000
- For individuals, a cash deposit of $250,000
Annual DTSP Licence Fees: Maintained at S$10,000, payable by all DTSP licensees regardless of their size, scope of business, or the number of DT Services provided.

2. Business compliance and governance

The Financial Services and Markets Regulations detail requirements for the approval of the CEO, directors, partners, or managers of a DTSP Licensee, as well as audit requirements.
For individuals providing DT services: MAS has clarified that an individual located in Singapore who is an employee of a foreign-incorporated company providing DT Services outside Singapore would not, by their employment alone, trigger a licensing requirement under the FSMA.

3. AML/CFT Requirements (FSM Notice FSM-N27)

MAS has put forth stringent AML/CFT controls for DTSP Licensees, aligning Singapore with international Financial Action Task Force (FATF) standards. Key requirements include:

Customer Due Diligence: DTSP Licensees must perform CDD measures, including identifying and verifying all users past or present.
Prohibition on Bearer Instruments and Large Cash Transactions: DTSPs are not allowed to make payment for a sum of money in the form of a bearer negotiable instrument equal to or exceeding $20,000 (including multiple transactions aimed at circumventing the aforementioned threshold).
Reliance on Third Parties: DTSP Licensees generally may rely on licensed payment service providers and financial institutions for compliance with AML/CFT requirements as long as the specified requirements are complied with. In such cases, the DTSP Licensee will remain liable and responsible for its AML/CFT obligations.

4. Reporting Requirements, Technology Risk Management, and Cyber Hygiene

MAS has introduced several notices to ensure robust operational resilience and reporting:

Suspicious Activities and Fraud (FSM-N28): Licensees must report any suspicious activities and incidents of fraud material to their safety, soundness, or reputation to MAS within five working days of discovery. For fraud incidents, a police report is also required, with a copy submitted to MAS. If no police report is filed, reasons must be provided to MAS.
Regulatory Reporting (FSM-N29): Imposes periodic regulatory reporting obligations (one monthly submission, one every 6 months, one every year) to enable MAS to monitor licensees' DT Services profiles and conduct targeted supervision.
Technology Risk Management (FSM-30): DTSP Licensees must adhere to new measures for managing technology risks, supplementing the existing MAS Guidelines on Risk Management Practices – Technology Risk (TRM Guidelines).
Cyber Hygiene (FSM-31): Requires DTSP Licensees to implement specific cyber hygiene measures, such as securing administrative accounts, timely application of security patches, enforcing network perimeter defence and malware protection, and strengthening user authentication. These requirements align with MAS's broader push for cyber resilience across the financial sector.

5. Conduct and Disclosures and Communications

MAS has also established clear expectations for business conduct and transparency:

Conduct (FSM-N32): This notice details conduct requirements, including minimum operating days and hours, display of exchange rates and fees, transaction recordkeeping, and issuance of receipts. Notably, DTSP Licensees must appoint at least one person to be present at their permanent place of business for a minimum of 10 days each business month and at least eight hours on those days during normal business hours, unless customers are notified in advance or unforeseen circumstances prevent it.
Disclosures and Communications (FSM-N33): Requires DTSP Licensees to provide all customers and potential customers with a prescribed risk warning statement. While MAS does not dictate the languages for this statement, licensees must determine this based on their business nature and customer base. Importantly, DTSP Licensees must always ensure their representation regarding the scope of their DTSP Licence and MAS regulation is accurate, including correcting any false or misleading statements made by third parties.

6. General MAS Guidelines

MAS has confirmed that existing guidelines applicable to all financial institutions will also apply to all licensees under the FSMA, including DTSP Licensees. These guidelines, which set out industry principles and best practices, include the Guidelines on Fit & Proper Criteria (F&P Guidelines), Outsourcing, Business Continuity Management, and the broader TRM Guidelines.

Key Takeaways

Companies should consider the following when determining whether they are affected by the Financial Services and Markets Act (FSMA) amendments commencing on June 30, 2025:

Determine if Regulated Activities Apply: Assess whether the class of assets your company has or is dealing with, or the scope of services you undertake, constitute regulated activities under the FSMA or the SFA. This will help determine if the amendments apply to your business.
Digital Token Service Providers (DTSPs): If your company provides digital token services, you will be regulated under Part 9 of the FSMA. Existing DTSPs providing services only to customers outside of Singapore should review their operations to determine if they need to obtain a license.
Licensing Requirements under FSMA read with other relevant legislation: Determine if your company's activities fall within the scope of Part 9 of the FSMA and require licensing, with consideration for the type of services provided, customer base, and whether any exemptions apply.
Exemptions: Review the FSMA amendments and other statutory provisions to determine if your company likely qualifies for any exemptions, with consideration for factors such as the location of customers and the type of services provided.
Regulatory Compliance: Ensure your company complies with the regulatory framework, including any necessary licenses, reporting requirements, and ongoing obligations under the FSMA, PSA, FAA and SFA.
MAS Guidelines: Familiarise yourself with the MAS guidelines and regulations regarding digital token services, licensing requirements, and other relevant regulations.

Conclusion

The FSMA reshapes the regulatory landscape for digital token services in Singapore. With no transitional arrangements in place, entities providing DT Services outside Singapore from a place of business in Singapore are the most affected and would have to review their current business and apply for a DT licence or cease operations and wind down.

Thus, it is essential to assess your company's specific circumstances and activities to determine the impact of the licensing requirements. Consulting with lawyers is beneficial in navigating through these legal complexities and allows you to remain compliant with the evolving regulations.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.