Categories: MAS Regulations and Licences

by jiawen

Share

MAS Regulations and Licences

Share

With the broad spectrum of technological advancements over the last decade, the financial sector is currently undergoing a digital revolution. Such a development allows the Financial Institutions (FIs) to market their financial service offerings through an entire new, virtual platform and deliver a seamless customer experience. This allows them to stand out in today’s highly competitive business environment.

However, the adoption of high-tech innovations can be a double-edged sword, as it exposes the FIs to an increasing risk of cyberattacks. In early 2020, a massive hack was reported by US-based IT management software provider SolarWinds, that put thousands of their high profile clients around the world like Cisco, FireEye at risk of cyber intrusions. According to a recent news posted on The Straits Times, this cybersecurity incident has prompted the Monetary Authority of Singapore (MAS) to reassess the soundness and completeness of current risk management measures adopted by FIs. In January 2021, the MAS has issued a revised Technology Risk Management Guidelines for FIs to comply with. This helps to maintain a strong cyber resilience and safeguard the clients’ data against any breaches.

Hence, while riding the wave of digitalisation, FIs are responsible to assess their firm’s exposure to certain technology risks. They should put in place a comprehensive set of technology risk management framework that is consistent with the MAS guidelines in order to better manage the technology risks and cybersecurity threats. Due to an increasing reliance on third-party service providers to offer supports in part of the business processes, MAS requires all FIs to conduct an evaluation on the technology vendors in terms of their internal security approaches and quality assurance practices before entering into a contractual relationship.

Conclusion

In general, the regulatory obligations are equally applicable to all companies that intend to obtain any MAS licence, including a Payment Services Provider Licence or Capital Markets Services (CMS) Licence. By developing more stringent security controls and enhanced risk mitigation strategies, it will create a safe and trusted platform for customers to perform transactions and share their privacy data with the intended parties.

How We Can Help

Alder Corporate Services provides a complete suite of regulatory and compliance services supporting our clients’ businesses, including:

  • Offer Professional Advice on the Specific Licence Requirements
  • Assist with the MAS Licence Application (e.g. Payment Services Provider Licence, Capital Markets Services Licence etc)
  • Review the Submission Documents
  • Liaise with MAS on Licence Application-related matters
  • Provide On-going Compliance Support Post-Licence Approval

Reference Materials

Jibilian, I., Canales, K. (2021). ‘The US is readying sanctions against Russia over the SolarWinds cyber attack. Here’s a simple explanation of how the massive hack happened and why it’s such a big deal’, Business Insider, 16 April. Available at: https://www.businessinsider.com/solarwinds-hack-explained-government-agencies-cyber-security-2020-12

Tham, I. (2021). ‘MAS announces new rules in Singapore after SolarWinds cyber attack exposes firms around the world’, The Straits Times, 18 January. Available at: https://www.straitstimes.com/tech/tech-news/mas-announces-new-banking-rules-for-singapore-after-solarwinds-cyber-attack-exposes

Drop us an enquiry to find out how we can help you with MAS regulations.

Related Posts

  • Overview of Fund Management Licences in Singapore

    Singapore remains one of the world’s top destinations for fund managers, managing S$6.07 trillion in assets as of December 2024. To operate locally, all fund management companies must be licensed or registered with the Monetary Authority of Singapore (MAS) under the Securities and Futures Act (SFA). This guide outlines the key licensing requirements under MAS’s latest framework.

  • MAS Digital Advertising Guidelines: What Financial Institutions Need to Know by March 2026

    On 25 September 2025, the Monetary Authority of Singapore (MAS) issued the Guidelines on Standards of Conduct for Digital Advertising Activities. These new rules, effective 25 March 2026, apply to all financial institutions (FIs) and their appointed digital marketers — including agencies, affiliates, and influencers (“finfluencers”).

  • Recent Updates: Singapore’s Sanctions against Russia

    Following Russia’s invasion of Ukraine, Singapore imposed targeted financial measures under MAS’s notice dated 13 March 2022. These measures prohibit financial institutions from conducting transactions or providing financial assistance to designated Russian banks, entities, and individuals. Institutions must freeze related assets and restrict dealings involving controlled strategic or dual-use goods bound for Russia. MAS’s directive highlights the importance of vigilance, robust due diligence, and strong compliance controls to ensure adherence to Singapore’s sanctions regime.

  • Cryptocurrencies are Changing the Fintech Landscape

    As Singapore positions itself as a global FinTech hub, cryptocurrency activities are gaining traction under tighter regulatory oversight. The Monetary Authority of Singapore (MAS) now requires all Digital Payment Token (DPT) service providers to be licensed and meet stringent AML/CFT and technology risk management standards. Whether you’re an exchange operator or an investor exploring the digital asset space, understanding the Payment Services Act is essential to staying compliant and future-ready.