The Payment Services Act 2019 (PS Act) of Singapore is a comprehensive regulatory framework that governs payment service providers to enhance the safety, security, and efficiency of payment systems. One of the critical areas under the PS Act is the safeguarding of customer money, which ensures that customers’ funds are protected from misuse and insolvency risks.

Key Safeguarding Requirements

Under the PS Act, payment service providers (PSPs) offering services, such as e-money issuance, or money transfer, are required to safeguard customer funds. The relevant provisions and requirements include:

1. Segregation of Client Money

Section 23 of the PS Act stipulates that licensees must ensure customer money is segregated from their operational funds. This means maintaining separate bank accounts designated solely for holding customer funds to prevent commingling with the company’s assets. This separation protects customer money in the event of the PSP’s insolvency.

2. Safeguarding Arrangements

A major payment institution must ensure that money received from, or on account of, a customer for domestic or cross-border money transfer services or on account of merchant acquisition is
safeguarded if it continues to hold at the end of the business day.
Similarly, a major payment institution must safeguard customer’s funds, at all times, received in exchange for issuing e-money except where these funds are received for:

• Payments made to reduce a customer’s debt to the institution,
• Refunds or repayments made by the institution to the customer,
• Funds used to pay service fees or charges imposed by the institution,
• Payments made to a recipient as per customer instructions (whether received or not) or
• Money paid to another person who is legally entitled to it.

This safeguarding can be done in one of the following manners:

1. by an undertaking, from a safeguarding institution, such as a bank licensed in Singapore, to be fully liable to the customer for the relevant money;
2. by a guarantee given by a safeguarding institution for the amount of the relevant money;
3. by depositing the relevant money in a trust account maintained with a safeguarding institution.

3. Timely Safeguarding

PSPs are required to safeguard customer money within a specified period, usually by the end of the next business day after receiving the funds. This ensures that customers’ funds are protected from misuse and insolvency risks.

4. Regular Reconciliation

PSPs must reconcile their records of customer funds daily. This process involves verifying that the amounts held in safeguarding accounts match the total funds owed to customers. Discrepancies must be resolved immediately to maintain compliance.

5. Reporting and Auditing

PSPs must regularly report to the Monetary Authority of Singapore (MAS) on their safeguarding arrangements. They are also subject to periodic audits to ensure compliance with safeguarding obligations.

Consequences of Non-Compliance

Non-compliance with safeguarding requirements can lead to severe penalties, including fines, suspension of the PSP’s license, or other regulatory actions by MAS. PSPs must establish robust
internal controls and governance frameworks to ensure adherence to these regulations.

Why Safeguarding Matters

The safeguarding of customer money is vital for maintaining trust and confidence in payment services. It mitigates risks associated with insolvency and misuse of funds, providing customers with assurance that their money is secure.

How We Can Help

We at Ingenia Consultants Pte. Ltd. support our clients in navigating the safeguarding requirements under the PS Act. We specialize in helping PSPs comply with regulatory obligations, including setting up appropriate safeguarding mechanisms.

For any further information, please contact:
Vijay Bharadwaj
Director
Ingenia Consultants Pte. Ltd.
vijay.bharadwaj@ingenia-consultants.com

Licenced fund management companies restricted to servicing qualified investors, namely accredited investors and institutional investors, (“A/I LFMCs”) are generally required to submit quarterly and annual returns to the Monetary Authority of Singapore (“MAS”) to confirm their compliance with capital requirements and provide information for supervisory and statistical purposes.
Every quarter, they must submit the following forms (reg. 27 SF(FMR)R and sec. 3(1) and 5 of the Statistics Act 1973):

• Form 1
• Form 2
• Quarterly Income & Expenditure Statement For Compilation Of Value-Added Of Financial Sector (Financial Institutions Excluding Insurance Companies) (“QIE Form”)

Form 1 and Form 2 must be submitted within 14 days after the end of the quarter end (reg. 27(6) SF(FMR)R). The QIE Form must be submitted within 15 days after the end of every quarter (para. 2 ED S 01/88 dated 18 July 2018). The latest forms can and should be downloaded from MASNET.

Every year, A/I LFMCs must submit the following forms and document (sec. 107(1) SFA, reg. 27(8)-(9) SF(FMR)R):

• Financial statements
• Form 1
• Form 2
• Form 3
• Form 4
• Form 5
• Form 6

All of these documents must be submitted within 5 months after the end of the financial year (sec.107(1)(a) SFA).

A/I LFMCs are expected to submit all forms within the stipulated timelines. Missing submissions and missed deadlines contributed to several enforcement actions by the MAS.[1]

If the A/I LFMC is unable to submit the forms within the stipulated timelines, it should notify its MAS officer-in-charge ahead of the deadline, providing reasons for its inability.

Quarterly Returns

The quarterly returns are based on the management accounts of the A/I LFMC. As the timeline for the submission of the quarterly returns is quite short, the A/I LFMC should clearly convey to its accounting team that the management accounts must be quickly prepared after the end of the calendar quarter, in particular, where the A/I LFMC is engaging an outsourced accountant. It is also important to note that the preparation of the quarterly returns requires the balance sheet as of the end of each month to calculate the average aggregated assets in Form 2.

Form 1

To a large extent, Form 1 is a restatement of the Company’s balance sheet whereby the exposure to the different types of activities under the Securities and Futures Act 2001 is emphasised.

Tips

Contrary to Form 1, the “Unappropriated profit or loss” in Form 1 is the sum of the retained earnings and the current financial year’s profit or loss.

Form 2

Form 2 focuses on the A/I LFMC’s capital requirements: the base capital, financial resources, the total risk requirement, and adjusted assets. A/I LFMCs may note that the section on aggregate indebtedness does not apply to them (reg. 15 SF(FMR)R).

Tips

For the calculation of the base capital, the A/I LFMC must pay particular attention to the statement of its profit or loss. For the calculation of the base capital, the “Unappropriated profit or loss” is the A/I LFMC’s last audited profit or loss, its retained earnings. The current financial year’s loss must be deducted from the base capital whereas the current financial year’s profit must not be added for the base capital calculation but is taken into account for the calculation of the financial resources. It is important to remember that the “unappropriated profit or loss” changes and only changes after the A/I LFMC’s financial audit is completed.

An A/I LFMC also does not need to calculate the counterparty risk requirement, the position risk requirement, the large exposure risk requirement or the underwriting risk requirement as long as its average adjusted assets do not exceed the lower of SGD 10m or five times its financial resources (para. 3.3.1(a) read in conjunction with 3.3.3 SFA04-N13).

In many cases, an A/I LFMC’s operational risk capital is simply SGD 100,000. Until the A/I LFMC has an average gross income of SGD 2m for the three immediately preceding years, the A/I LFMC’s operational risk requirement is SGD 100,000 (para. 4.1.2 SFA04-N13).

QIE Form

The QIE Form is based on the A/I LFMC’s profit and loss statement for the full quarter. It examines the A/I LFMC’s income and expenses for statistical purposes. The first section collects data on the investments and their depreciation. The second section analyses the income and expenses, including employment.

To properly complete the QIE Form, the A/I LFMC must report business transactions with Singapore residents and firms under “In Singapore” and transactions with persons and firms outside Singapore under “Outside Singapore”. The A/I LFMC may need to organise its accounting to extract the figures with this segregation.

Salaries are also reported “In Singapore” and “Outside Singapore”. At the same time, a distinction is made between “Singapore resident employees”, these are Singapore citizens and Singapore permanent residents, and other staff, “Non-Singapore resident employees”. The same distinction is also made for total employment figures as at the end of the quarter. The A/I LFMC may need to inquire with its human resources department to make these distinct amounts available.

Tips

In the transfer of its accounts into the QIE Form, the A/I LFMC should pay particular attention to accounts with a negative figure. The QIE Form (generally) does not allow for negative income or expenses. As a result, a negative income may need to be reported as an expense and vice-versa.

In the QIE Form, values must be stated to the nearest Singapore dollar. This may lead to slight discrepancies when multiple numbers that were individually rounded are added up to a sum, namely the profit/loss before tax. Where the A/I LFMC encounters an error message for a field that is a sum, it is worth examining it for an error due to the rounding of the individual components.

Annual Returns

The annual returns are based on the audited financial statements of the A/I LFMC.

Form 1 and Form 2

The A/I LFMC must submit Form 1 and Form 2 as part of its quarterly returns and as part of its annual returns. Although the forms for the quarterly and the annual returns request the same data, different templates need to be used. Importantly, the figures in the annual submissions must be based on the audited financial statements. Thus, they may differ from the figures submitted for the quarter end that coincides with the financial year-end.

Form 3

Form 3 examines the income of the A/I LFMC based on the types of financial services activities.

Tips

Many activities will not apply to the A/I LFMC because the same form applies to all holders of a capital markets services (“CMS”) licence.

Form 4

In Form 4, the A/I LFMC must catalogue its assets under management, namely based on types of investors and activity.

Tips

For the distinction between “Institutional clients” and “Individual clients”, “Institutional clients” is not equivalent to institutional investors as defined in section 4A(1)(c) of the Securities and Futures Act 2001. This distinction in Form 4 rather reflects the distinction as per the market practice of whether the A/I LFMC’s customer is an individual or an institution.

Where an A/I LFMC is also exempt from the requirement to hold a financial adviser’s licence, the A/I LFMC should also note that the distinction between funds under “discretionary management” and “under advisory service” does not reflect the distinction between the two regulated activities of fund management and financial advice. Funds “under advisory service” means the value of assets for which the A/I LFMC acts as an advisor without the authority to make investment decisions. This targets funds where the primary fund manager engages the A/I LFMC as an advisor/sub-advisor for a fund.

Form 5 and Form 6

Form 5 and Form 6 must be completed by the A/I LFMC’s external auditor. In Form 5, the auditor confirms that it has audited the A/I LFMC’s accounts. However, the auditor also confirms that nothing has come to its attention that causes it to believe that the A/I LFMC has not complied with all conditions and restrictions applicable to the A/I LFMC under its licence, i.e. under applicable regulations and as imposed in its licence. Due to this confirmation, various external auditors insist on a comprehensive review of the A/I LFMC’s internal controls, not just the A/I LFMC’s accounts. In Form 6, the auditor confirms that the A/I LFMC’s financial statements have been properly drawn up. 

Financial Statements

The financial statements that the A/I LFMC submits as part of its annual returns must be true and fair financial statements made up to the last day of its financial year in accordance with the Companies Act 1967 (reg. 27(8) SF(FMR)R) and must include the management letter (if any). These will be the company’s audited financial statements.

Ingenia Consultants Pte. Ltd. supports financial institutions in their compliance, including the preparation of quarterly and annual returns for fund management companies. This support is included in our outsourced compliance services or can be engaged separately.

For any further information, please contact:

Maurice Yap
Senior Manager
Ingenia Consultants Pte. Ltd.
maurice.yap@ingenia-consultants.com

 

[1] For example, “MAS Takes Enforcement Actions Against China Capital Impetus Asset Management, its Executive Director and Former CEO for Breaches of the Securities and Futures (Licensing and Conduct of Business) Regulations” of 31 July 2024, “MAS Reprimands RVP One Pte. Ltd. and its Chief Executive Officer for Breaches of the Securities and Futures (Licensing and Conduct of Business) Regulations” of 30 July 2024.

In today’s dynamic business environment, managing risks effectively is critical to ensuring operational resilience, complying with regulatory requirements, and achieving organisational objectives. The risk control self-assessment (“RCSA”) process is a vital tool that empowers organisations to proactively identify, evaluate, and mitigate risks.

What is the RCSA process?

The RCSA is a structured and collaborative approach to assess risks and controls within the operations.

The process involves engaging various stakeholders to:

1. Identify Risks: Understand potential threats to achieving organisational objectives.
2. Assess Risks: Evaluate the likelihood and impact of identified risks.
3. Review Controls: Assess the effectiveness of current risk controls.
4. Mitigate Risks: Design and implement action plans to address gaps or improve existing controls.

Benefits of RCSA

The awareness of the risks it is exposed to and the RCSA process, in particular, provide several benefits
to the company.

1. Proactive Risk Management: The RCSA helps organisations identify and address risks before they materialise.
2. Enhanced Control Environment: The RCSA ensures controls are aligned with identified risks.
3. Informed Decision-making and Resource Allocation: The RCSA process provides leadership with actionable insights on risk exposure and helps allocate resources based on business needs.
4. Improved Compliance: The RCSA demonstrates due diligence in meeting regulatory and governance requirements, namely where the company applies a risk-based approach.
5. Collaboration and Awareness: The RCSA fosters a risk-aware culture across all levels of the organisation.

Key steps in the RCSA process

The RCSA process commonly follows the steps below to identify and assess the inherent risks and the existing controls, determine the residual risks based on these two factors and, finally, plan for required actions, if any.

1. Risk Identification

The relevant stakeholders identify the inherent risks that the company and its operations are exposed to. You can leverage tools like process maps, past incident reports, and risk libraries for a comprehensive view.

2. Inherent Risk Assessment

The identified inherent risks are rated based on two criteria: likelihood (frequency) and impact (severity). The risk rating is applied based on a risk matrix.

3. Control Evaluation

Existing controls are listed for each identified risk and evaluated for their adequacy, effectiveness, and efficiency. For this purpose, findings from recent quality assurance and internal and external audits should be considered.

4. Determination of Residual Risk

The residual risk of each inherent risk is determined by the rating of the inherent risk and the strength of the respective controls in accordance with a pre-defined matrix. Residual risks in the same category may be consolidated to obtain an easier understanding of the company’s risk exposure.

5. Action Planning

Where necessary, corrective action is developed, namely in case of inadequate controls or where the residual risk exceeds the company’s risk. Deadlines for the action items are determined, and ownership for their implementation is assigned.

6. Monitoring and Reporting

The progress of mitigation efforts is continuously tracked to ensure their timely implementation and, thus, enhanced risk mitigation. Findings are documented, and the reports are shared with key stakeholders for transparency and accountability.

Tailoring the RCSA Process for Your Business

Every organisation is unique, requiring a customised specific RCSA. Tailoring the RCSA to your business ensures that risk identification and mitigation strategies align with the organisation’s unique objectives, industry, and operational context. This customisation enhances the relevance, efficiency, and effectiveness of your risk management efforts.

We at Ingenia Consultants Pte. Ltd. support our clients in setting up enterprise-wide risk management frameworks commensurate with the nature, size and complexity of their operations. Namely, we help with the RCSA process and document it.

• Industry-specific risk libraries: We provide guidance to your company in identifying and assessing applicable risks leveraging our expertise across various sub-sectors of the financial industry, such as fund management, external asset management, payment services and digital asset services.

• Stakeholder engagement: We facilitate workshops and meetings to align teams with RCSA objectives.

• Periodic reviews: We establish a process and assist your company in reviewing your risks and refining the RCSA process based on evolving risks.

 

For any further information, please contact:
Vijay Bharadwaj
Director
Ingenia Consultants Pte. Ltd.
vijay.bharadwaj@ingenia-consultants.com

On 30 October 2024, the Monetary Authority of Singapore (“MAS”) issued an information paper on “AML/CFT Supervisory Expectations from Recent Inspections”. This information paper sets out the MAS’ expectations and good practices noted in recent anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”) inspections conducted across a range of financial institutions (“FIs”), including banks, payment service providers, capital markets services licensees, licensed trust companies and direct life insurers. The information paper encourages financial institutions to benchmark themselves against the practices and supervisory expectations set out in the information paper in a risk-based and proportionate manner and conduct a gap analysis, taking into account the risk profile of their business activities and customers. A separate circular by the MAS emphasises this expectation that financial institutions conduct a gap analysis.

Assessment of Customer Risk

FIs should have a good understanding of their customers’ profiles in order to inform their money laundering (“ML”) and terrorism financing (“TF”) risk assessment of the customer at onboarding and ongoing monitoring of business relations. As part of their inquiries into the customer, FIs should, among other precautions, take reasonable measures to obtain and verify information on their customers’ current and previous nationalities and identities, particularly for higher-risk customers. The FI should then consider all the customer’s current and previous nationalities and identities when assessing potential adverse news screening alerts, including searches in the native languages of countries associated with the customer, and assessing the ML/TF risk. The FI should assess the ML/TF risk, taking into consideration factors such as citizenship and residency by investment (“CBI”/”RBI”) schemes that are assessed to be of higher risk[1], frequent changes in nationalities or key identifiers of the customer, material discrepancies in information or adverse news. However, the MAS also indicates that customers can hold multiple nationalities for legitimate reasons, including via CBI/RBI schemes.

Identification of Material Red Flags

FIs should exercise vigilance in identifying material red flags in documents obtained from customers as part of their customer due diligence (“CDD”) process. Where there are doubts about the legitimacy of documents or representations obtained from or made by the customer, e.g. because of significant discrepancy to publicly available information, accounting anomalies, or lack of official sign-off, further follow-up actions, such as conducting an additional inquiry and independent due diligence on the customer or taking additional risk mitigation measures, such as exiting the business relationship or filing of a suspicious transaction report (“STR”), should be triggered.

FIs should provide clear guidance for their staff on their responsibilities to identify material red flags in documents or representations obtained from or made by customers, including examples and their escalation. The FIs should periodically review their guidance and are encouraged to leverage technology to enhance their detection of potentially fraudulent or tampered documents.

The Monetary Authority of Singapore’s recent circular, issued on 25 October 2024, sets supervisory expectations on anti-scam measures for Major Payment Institutions (“MPIs”) issuing e-wallets, which provide personal payment accounts, i.e., accounts for individuals in Singapore containing e-money.

Effective 15 December 2023, the stock cap for e-wallets has been raised to SGD 20,000 (from SGD 5,000), and the flow cap to SGD 100,000 (from SGD 30,000). MPIs that have already increased the cap are expected to already have the additional requirement (or should otherwise implement them immediately). MPIs wishing to adopt these higher caps must implement specific anti-scam measures beforehand. For MPIs not adopting the higher caps, MAS recommends progressive implementation of these measures to enhance anti-scam resilience.

Below we list a summary of the key requirements of these anti-scam measures that MPIs need to put in place.

Governance and Accountability

➢ Board of directors and senior management oversight: The board of directors and senior management oversee the implementation of anti-scam measures and must ensure that a framework for responding to scams is in place.
➢ A separate unit to assess scam-related disputes independently

Preventive Measures

➢ Restrictions on sending clickable links, QR codes, or phone numbers through SMS, unless specific criteria are met
➢ 12-hour cooling-off period for e-wallet access on new devices
➢ Additional verification for high-risk activities or transfers above SGD 1,000, with warnings about associated risks

Detective Measures

➢ Real-time outgoing transaction alerts and a default transaction threshold set to SGD 0 to detect potential fraud early
➢ Notifications for high-risk activities and new device logins, with user reminders to verify these actions

Remedial Measures

➢ Continuous reporting channels for users to report unauthorised transactions
➢ “Kill switch” allowing users to block their e-wallet if they suspect unauthorised access

 

At Ingenia Consultants Pte. Ltd., we support our clients in drafting policies and procedures and designing controls to comply with regulatory requirements.
For any further information, please contact:

Vijay Bharadwaj
Director
Ingenia Consultants Pte. Ltd.
vijay.bharadwaj@ingenia-consultants.com

The 2024 Terrorism Financing (TF) National Risk Assessment (NRA) offers an updated evaluation of Singapore’s TF landscape since the TF NR published in 2020. It reflects learnings and insights, particularly considering the digital economy’s accelerated growth in Asia due to the COVID-19 pandemic. This enables law enforcement, financial intelligence, regulatory, policy-making, and private sector entities to implement targeted, risk-focused CFT strategies and mitigation measures.

Singapore’s key TF threats stem from (i) terrorist groups such as the Islamic State of Iraq and Syria (“ISIS”), Al-Qaeda, and Jemaah Islamiyah, potential spillovers from the ongoing Israel-Hamas conflict and tensions in the Middle East, and (ii) radicalised individuals who are sympathetic towards the cause of these terrorist groups, particularly ISIS.

• ISIS: Following its retreat in 2018, ISIS is believed to have smuggled approximately USD 400 million out of Iraq and Syria. Known means of transfers involve cash couriers, money remittances, bank transfers, virtual currencies, and online transactions.
• Al-Qaeda and Jemaah Islamiyah: There are indications that Al-Qaeda and Jemaah Islamiyah have been rebuilding through their “long game” strategy and may resume planning large-scale attacks, necessitating the movement and raising of funds.
• Radicalised individuals: Singapore continues to detect radicalised individuals from both the local and foreign worker populations. In recent years, the majority of self-radicalised individuals detected in Singapore have been supporters of ISIS.

The main TF modalities observed from known cases include self-funding from legitimate or existing sources, namely individuals’ salaries or savings, and transfers via licensed money remittances. The amounts involved in these TF cases are generally small. Although there have been no instances of individuals leveraging newer forms of cross-border fast payment systems for TF purposes, there is an increased risk that terrorists, terrorist organisations, and their supporters may exploit the convenience of these new online transaction channels or virtual currencies/assets to further their terrorist causes.

The 2024 TF NRA identifies the following sectors as being at risk of being exploited for TF:

• Money remittances, including unlicensed and cross-border online payments: The money remittance sector, particularly unlicensed and cross-border online payments, is identified as posing a high risk for TF. The demographic profile of users and the established transaction corridors involving countries in the region that are more exposed to terrorism/TF risks heighten Singapore’s vulnerability. The disparities in TF detection capabilities across the sector, with smaller-scale remittance agents potentially lacking the resources to employ advanced tools, further contribute to the vulnerability.
• Banks, including new cross-border fast payment systems: The banking sector, including new cross-border fast payment systems, is assessed as having a medium-high risk for TF. Singapore’s status as an international financial centre, coupled with its geographical proximity to countries with active terrorist activities or terrorist groups, makes it vulnerable to being used as a conduit for TF purposes. The challenges in detecting TF due to small transaction amounts and their similarity to legitimate transactions further complicate the issue.
• Digital payment token (“DPT”) service providers: The TF risks associated with DPT service providers have been elevated from medium-low to medium-high, reflecting the growing risk of exploited virtual assets to facilitate TF activities. The anonymity, speed, and cross-border transactions facilitated by DPT service providers contribute to their vulnerability. The lack of consistency in AML/CFT controls and TF risk understanding due to the industry’s nascent and fast-changing nature, both globally and locally, poses additional challenges.
• Non-profit organizations (“NPOs”), including online fundraising: The NPO sector, including online fundraising, is assessed to have a medium-low risk for TF. The varied levels of awareness of emerging TF risks among charities and the evidential challenges in proving the intent of TF donors contribute to the vulnerability. The growth of online fundraising activities in recent years, driven by the rapid expansion of the digital economy in Asia, has significantly expanded the global reach of these activities, increasing the risk of terrorist financiers exploiting online fundraising for TF purposes.
• Cross-border cash movement: Cross-border cash movement is also assessed as having a medium-low risk for TF. The anonymity accorded to small amounts of money brought across borders poses a risk, particularly concerning funding terrorist activities abroad.
• Precious stones and precious metals dealers: The sector’s vulnerability stems from the high intrinsic value and relative compactness of precious metals, stones, and products, making them attractive for storing and transferring value, potentially for terrorism financing purposes. The emergence of asset-backed tokens, backed by precious metals, stones, or products, introduces additional complexity and potential vulnerability to TF. The overall TF risk for the PS/PM/PP sector remains medium-low.

Ingenia Consultants Pte. Ltd. is supporting financial institutions in their compliance, including anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”). Moreover, our internal audit services provide the board of directors and senior management with assurance regarding these obligations. Reach out to us to learn more about our regulatory support.
For any further information, please contact:
Adib Fajar
Associate
Ingenia Consultants Pte. Ltd.
adib.fajar@ingenia-consultants.com

Singapore has revamped its National Strategy for Countering the Financing of Terrorism (CFT), aiming to create a robust shield against the evolving threats of terrorism financing. The strategy emphasises a proactive, multi-pronged approach that combines stringent regulations, vigilant supervision, and decisive enforcement.

The Singaporean government’s five-pronged approach to countering the financing of terrorism (CFT) includes the following strategies, actions taken, updates, and future plans:

1. Coordinated and Comprehensive Risk Identification

Strategy in Action: The Singaporean government employs a whole-of-government approach to combatting money laundering, terrorism financing, and proliferation financing. The Risks and Typologies Inter-Agency Group (RTIG), comprising various agencies, oversees the identification, assessment, and mitigation of these financial risks. The government also partners with the private sector, academia, and foreign entities to enhance its understanding of terrorism financing risks.

Updates Since 2020: In 2024, Singapore conducted a survey to gain insights into its terrorism financing risks from the perspectives of other jurisdictions. The government also organized an industry consultation session with key financial institutions to discuss the latest terrorism financing typologies and threats. Additionally, a benchmarking exercise was conducted on the national CFT strategies of other jurisdictions to enhance the effectiveness of Singapore’s own strategy.

Looking Ahead: Singapore remains committed to participating in international and regional platforms to gain insights into emerging terrorism financing typologies and proactively evaluate and assess its key threats and vulnerabilities.

2. Strong Legal and Sanctions Frameworks

Strategy in Action: Singapore has established a comprehensive legal framework that empowers law enforcement agencies to combat terrorism financing activities effectively. Key legislation includes the Terrorism (Suppression of Financing) Act 2002 (TSOFA) and the Internal Security Act 1960 (ISA). The country also has a targeted financial sanctions framework that automatically implements new UN designations. The Inter-Ministry Committee on Terrorist Designation (IMC-TD) is responsible for designating terrorists and overseeing the freezing of terrorist funds and assets.

Updates Since 2020: The Corruption, Drug Trafficking, and Other Serious Crimes (Confiscation of Benefits) Act 1992 (CDSA) was amended in May 2023 to hold individuals criminally liable for allowing their payment accounts or Singpass accounts to be used for criminal activities. The Online Criminal Harms Act (OCHA) was enacted in July 2023, empowering the government to issue directives to online service providers to prevent activities suspected of involvement in criminal acts.

Looking Ahead: Singapore will continue to update its legal and financial sanctions frameworks to ensure their effectiveness in countering the financing of terrorism. The government is committed to providing law enforcement agencies with the necessary tools to tackle new challenges arising from the evolving threats of terrorism and its financing.

3. Robust Regulatory Regime and Risk-Targeted Supervisory Framework

Strategy in Action: Singapore has a robust regulatory and supervisory framework for financial institutions, designated non-financial businesses and professions (DNFBPs), and non-profit organizations (NPOs). Supervisors adopt a risk-based approach, targeting higher-risk entities and closely cooperating with the Suspicious Transaction Reporting Office (STRO) and law enforcement agencies to share information.

Updates Since 2020: The Payment Services (PS) Act 2019 was introduced in January 2020, along with corresponding AML/CFT requirements. Further amendments were passed in January 2021 to broaden the definitions of digital payment token (DPT) services and cross-border money transfer services. The Precious Stones and Precious Metals (Prevention of Money Laundering and Terrorism Financing) Act (PSPM Act) came into effect in April 2019, empowering the Ministry of Law to supervise the precious stones and precious metals dealers (PSMDs) sector for money laundering and terrorism financing risks. Amendments were made to the subsidiary legislation of the PSPM Act in November 2023 to require PSMDs to conduct customer due diligence measures for transactions involving payment received in DPT above SGD 20,000. The supervisory regime for the casino sector will be tightened in 2024, with the Gambling Regulatory Authority reducing the threshold for customer due diligence measures to SGD 4,000 for all financial transactions.

Looking Ahead: Sector supervisors will continue to assess and reinforce the private sector’s awareness of terrorism financing risks and controls through outreach, industry guidance, and risk-focused supervision. They will also harness data analytics and technological tools to bolster surveillance and supervision efforts.

4. Decisive Law Enforcement Actions

Strategy in Action: Singapore maintains a zero-tolerance policy towards terrorism financing. All credible instances undergo thorough investigation. The Counter-Financing of Terrorism Branch (CFTB) within the Commercial Affairs Department (CAD) of the Singapore Police Force leads these investigations. The Internal Security Department (ISD) collects and analyses intelligence concerning terrorism-related activities, including terrorism financing. The Suspicious Transaction Reporting Office (STRO) receives and analyses suspicious transaction reports.

Updates Since 2020: To address increasingly sophisticated cross-border cash movement activities, the Immigration and Checkpoint Authority (ICA) and CAD have strengthened detection and enforcement capabilities. The electronic Cross-Border Cash Reporting Regime (e-CBCRR) declaration form was introduced in May 2024. Agencies also utilize public-private partnerships, such as the CFT Operational Group, to enhance operational efficiency and detect terrorism/terrorism financing networks.

Looking Ahead: The CFTB, ISD, and STRO will maintain close collaboration to investigate and disrupt instances of terrorism financing. They will continue to take strong enforcement actions and expand collaboration with the private sector. Where significant risks are identified, agencies will collaborate to devise and execute suitable measures to address the
gaps.

5. International Partnerships and Cooperation

Strategy in Action: Singapore adopts a two-pronged approach to international cooperation. First, it assists other jurisdictions through formal and informal channels and seeks assistance when necessary. Second, it implements and contributes to developing international standards on combatting money laundering/terrorism financing/proliferation financing. Singapore actively participates in key international forums, such as the FATF, APG, SEAJust, CTF Forum, and INTERPOL’s Project PACIFIC Working Group. It also leverages both formal and informal channels to advance its CFT efforts, including mutual legal assistance requests, information exchange, and spontaneous exchange of financial intelligence.

Updates Since 2020: Singapore made terrorism financing a priority during its FATF Presidency from 2022 to 2024, championing various projects related to combating the financing of terrorism. The STRO is a member of the Financial Intelligence Consultative Group (FICG), which facilitates collaboration on AML/CFT matters and the development of regional solutions.

Looking Ahead: Singapore is committed to fully considering and executing requests for assistance from foreign jurisdictions related to terrorism and terrorism financing matters. It will continue to exchange information, conduct coordinated enforcement actions, and strengthen partnerships with international counterparts. The country is also committed to enhancing the understanding of emerging terrorism financing risks at both international and regional levels through active participation in various platforms.

Ingenia Consultants Pte. Ltd. is supporting financial institutions in their compliance, including anti-money laundering (“AML”) and countering the financing of terrorism (“CFT”). Moreover, our internal audit services provide the board of directors and senior management with assurance regarding these obligations. Reach out to us to learn more about our regulatory support.
For any further information, please contact:
Adib Fajar
Associate
Ingenia Consultants Pte. Ltd.
adib.fajar@ingenia-consultants.com

What is inherent risk? Why do I need to know my organisation’s inherent risk level? How do I calculate my organisation’s inherent risk exposure?

This article provides you with answers to the above questions.

What

Inherent risk provides a baseline understanding of the level of risk present before any controls are implemented. It helps organisations gauge the natural risk level they are exposed to in a particular environment or activity.

How

Identify the risks – Consider the environment, activity, or process you are assessing. Identify the risk typologies applicable to your business. This can include operational, financial, compliance, strategic, or other types of risks.

Assess the likelihood – Determine how likely each identified risk is to occur. This could be based on historical data, industry standards, or expert judgment. Assess the factors that might increase or decrease the likelihood of the risk occurring.

Evaluate the impact – Determine the potential consequences if the risk materialises. Consider financial loss, reputational damage, operational disruption, etc.

Combine likelihood and impact – Combine the likelihood and impact to assess the overall inherent risk. This can be done using a risk matrix, where risks are plotted based on their likelihood and impact to produce a risk rating, e.g., high, medium, or low.

This process helps to understand the inherent risk level before any controls or risk management strategies are applied. Hence, inherent risk should be subjective to the extent possible and supported by data and facts.

Why

Knowing the inherent risk allows decision-makers to make informed choices about where to focus resources and attention. By accurately assessing inherent risk, your organisation can design and implement controls appropriate to the level of risk. An accurate assessment helps prioritize which risks need immediate attention and which are less critical, given that resources such as time, money, and personnel are often limited. An accurate inherent risk assessment helps allocate these resources effectively, ensuring that high-risk areas receive adequate attention while avoiding over-investment in low-risk areas.

Thus, understanding inherent risk helps balance the cost of implementing controls against the potential impact of risks.

In summary, accurately assessing inherent risk is fundamental to effective risk management. It enables organizations to make informed decisions regarding risks, allocate resources wisely, comply with regulations, and protect their long-term success and reputation.

We at Ingenia Consultants Pte. Ltd. provide initial and ongoing support to our clients to set up practical enterprise-wide risk management frameworks proportional to the size and scale of their operations. This ensures timely identification and mitigation of risks per the organization’s risk appetite.

For any further information, please contact:
Vijay Bharadwaj
Director
Ingenia Consultants Pte. Ltd.
vijay.bharadwaj@ingenia-consultants.com

Situation

The Financial Action Task Force (“FATF”) revised its glossary in October 2021 to set out examples of environmental crimes. Countries should pay attention to environmental crimes, including criminal harvesting, extraction, or trafficking in protected species of wild flora and fauna (e.g., illegal wildlife trade and destruction of protected trees), precious stones and precious metals and other natural resources (e.g., illegal gold mining, illegal logging), and waste (e.g., trafficking hazardous industrial waste, illegal dumping)). The FATF also clarified that countries should consider environmental crimes irrespective of whether they are a source, transit, or destination country.

Regionally, Southeast Asia is home to some of the world’s largest illicit wildlife markets and plays a key role in the transportation of high-value, highly endangered, and illegally sourced wildlife for the regional market, other parts of Asia, and the global markets. The most common trade route for shipments seized in transit through Singapore is between Africa and East Asia. Southeast Asia is also home to transnational organised criminal networks involved in environmental crimes, including those that operate via large national and multinational enterprises at all levels of the supply chain from the source to consumer markets.

As an international financial centre and an international trading, transport and transhipment hub with a highly externally oriented economy and geographically located along the supply routes to countries such as China, Vietnam, and Indonesia, Singapore is vulnerable to these illegal trade flows. However, based on data from law enforcement authorities, the financial intelligence unit and the Attorney General’s Chambers, the money laundering threat arising from environmental crimes does not appear to be high. Nonetheless, law enforcement agencies have managed large transit seizures arising from environmental crimes in Singapore and the region.

Singapore’s legislative framework is aligned with FATF’s definition of environmental crimes under the FATF Glossary and covers a range of environmental crimes concerning flora and fauna, natural resources, and includes offences which are designated as money laundering predicate offences under the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992 (“CDSA”). Nonetheless, Singapore authorities are reviewing the foreign environmental crime threats that Singapore is exposed to and intend to expand the scope of the CDSA by 2024 to include relevant environmental offences (including those which emanate overseas but do not have a direct domestic equivalent, e.g. illegal logging, illegal waste trafficking) as predicate offences.

Environmental Crimes and Money Laundering Typologies

International typology reports indicate that the laundering of proceeds from environmental crimes occurs across source, transit, and destination countries. Singapore’s key environmental crime money laundering threats emanate from (i) illegal wildlife trade, (ii) illegal logging relating to timber, and (iii) trafficking of hazardous waste. The typologies associated with these environmental crimes money laundering threats include trade-based money laundering, misuse of shell companies, corruption and bribery, and tax evasion. These risks, especially with respect to illegal wildlife trafficking, have materialised.

• Illegal wildlife trade: Asian countries have been involved in the transportation and transit of high-value, highly endangered and illegally sourced wildlife for regional and global markets. Shipments of illegal wildlife products, namely pangolin scales, ivory parts, and rhinoceros horns, have been confiscated in Singapore.
• Illegal logging: The placement and layering of laundered proceeds from illegal logging and illegal timber trade are likely to take place in regional financial centres closer to forests, such as Singapore in the case of Asia. However, to date, Singapore has not detected cases of illegal CITES1-listed timber trade.
• Trafficking of hazardous waste: More recently, syndicates have turned their attention to Southeast Asia as a primary destination for waste, to be disposed of or stored illegally.

Additional offences facilitate and result from environmental crimes.

• Corruption: Corruption can fund or facilitate (i) the illegal acquisition of environmental goods/resources or (ii) the subsequent transnational movement of the illegal products/resources.
• Tax evasion: Environmental crimes may also converge with tax evasion when criminals attempt to avoid payment of (i) the duties and taxes on the environmental goods traversing borders and (ii) the taxes owed to authorities for use of the public land. Additionally, criminals may use offshore banking or corporate structures outside the jurisdiction where the environmental crimes were committed to avoid paying taxes on the illicit proceeds derived.

Sectors at Risk

Key sectors in Singapore that are vulnerable to being misused to launder proceeds from environmental crimes are briefly discussed below. Other sectors not specifically identified were assessed to have lower risks and exposure, considering known environmental crimes money laundering typologies and existing anti-money laundering (“AML”)/countering the financing of terrorism (“CFT”) controls.

High-risk sectors

• • Banks: The banking sector is commonly used to launder environmental crimes proceeds. Banks may be exposed to environmental crime money laundering risks through financing trade in illegal environmental goods and dealing with criminals looking to park their illegally obtained proceeds (including from environmental crime) in Singapore.
  • Cross-border money transfer services (remittance agents): Remittance agents are a common channel misused by bad actors to launder proceeds from environmental crime. International typologies suggest that remittance agents are misused in all three stages of the money laundering process, placement, layering and integration, and unlicensed remittance channels (e.g. Hawalas) are used to facilitate the flow of money laundering funds.

Medium-high-risk sectors

• • Money changers: International typologies suggest that bad actors smuggle cash across borders by using money changers to convert cash into higher denomination notes, especially foreign notes.
  • Corporate service providers (“CSPs”): Criminals can misuse companies incorporated through corporate service providers as a front company to move and hide illegal proceeds or as a shell company to hide beneficial owners to launder proceeds from environmental crimes.
  • Virtual asset service providers (“VASPs”): There is a rising number of known cases of virtual asset payments on the dark web connected to other forms of illicit trade. Virtual assets enable bad actors to mask their identities and the origins of funds. Hence, they are an emerging risk area that all countries need to be vigilant of.
  • Casinos: Criminal networks use casinos to facilitate wildlife trafficking. The casino industry is largely cash-based, and cash can be used to purchase casino chips which act as a store value and can be accepted as an alternative to money.

Medium-low-risk sectors

• • Licensed trust companies and external asset managers (“EAMs”): Trust companies and EAMs manage and invest high-net-worth individuals’ (“HNWI”) assets and monies through the establishment of trusts and fund vehicles, respectively. These intermediaries may be complicit in placing and layering illicit funds that certain HNWIs could have obtained from corruption or tax evasion.
  • Payment service providers (others): Pre-paid and gift cards are stored value facilities which can be used to transfer and make payments for environmental goods.
  • Real estate agents, precious stones and precious metal dealers, life insurers: Businesses with dealings which could be cash intensive or provide a store of value may be involved in money laundering at the integration stage.

All the above service providers are subject to AML/CFT controls through legislation, including customer due diligence. Accordingly, they should ensure that they properly implement measures to prevent environmental crimes money laundering.

For any further information, please contact:

Rolf Haudenschild

Co-founder

Ingenia Consultants Pte. Ltd.

rolf.haudenschild@ingenia-consultants.com