Singapore Crypto Regulation: A Licensing Guide for DPT Exchanges

This guide takes a closer look at the Monetary Authority of Singapore’s cryptocurrency regulation of Singapore-based digital payment token (DPT) service providers in accordance with the Payment Services Act of 2019, the PS Notice 2 (Dec 2019) and July 2020’s new Consultation Paper on a New Omnibus Act for the Financial Sector.

QUICK FACTS
Legal status of virtual assetsNot legal tender, taxed as “goods”
Term for crypto exchanges Digital Payment Token (DPT) Service Providers 
“FATF Travel Rule” equivalentMAS Notice PSN02 (paragraph 13)
Financial RegulatorMonetary Authority of Singapore (MAS)
Crypto legislationPayment Services Act (PSA)
Financial Intelligence UnitSuspicious Transaction Reporting Office (STRO)
FATF-style regional bodyAsia-Pacific Group on Money Laundering (APG)

Table of Contents

  1. Introduction
  2. Singapore’s Crypto Regulations
    2.1 The Monetary Authority of Singapore (MAS)
    2.2 The Payment Services Act of 2019
    2.3 Notice PSN02 for DPT Services (Dec 2019)
    2.4 Consultation Paper on a New Omnibus Act for the Financial Sector (July 2020)
  3. Digital Payment Tokens (DPT) & Service Providers
    3.1 What is a Digital Payment Token (DPT?)
    3.2 What is a Digital Payment Token Service Provider?
    3.3 Types of DPT services provided
    3.4 What is a Digital Payment Token Transfer Service?
    3.5 AML/CFT Requirements for DPT Service Providers
  4. PSN02 Paragraph 13: Singapore’s Travel Rule
  5. How to apply for the MAS license
  6. Three Types of MAS Licences
  7. Singapore’s PSA enforcements in 2020
  8. Conclusion

1. Introduction

As a meeting ground between East and West merchants since the 14th century, the trading of assets runs through Singapore’s veins and has provided the genesis for its sophisticated yet pragmatic financial system.

Cryptocurrencies are no exception. Singapore has long held a progressive view towards the owning and trading of cryptocurrencies, called “digital tokens”, treating the likes of Bitcoin as goods and levying sales tax on it (a new tax guide for digital tokens was published in April).

This approach aligns perfectly with Singapore’s vision of establishing its “Electronic Payments Society”, first articulated in 2016. 

In recent years though, there has been a major uptick in blockchain’s technological advances and its threat to global anti-money laundering (AML) and counter-terrorism financing (AML/CFT) efforts, to which the likes of the Financial Action Task Force (FATF) and the European Union have responded with new regulations.

These actions have led the Monetary Authority of Singapore (MAS), the country’s central bank and financial regulator, to develop an action-based regulatory framework around its Payment Services Act (PSA) of 2019 to mitigate the crypto industry’s systemic money laundering (ML) and terrorist financing (TF) risks. 

On 21 July 2020, the MAS also published a Consultation Paper on a New Omnibus Act for the Financial Sector, which will align Singapore even closer with the FATF in their regulation of virtual asset service providers (VASPs).

The new paper targets the overseas activities of Singapore-based VASPs (also referred to as DPT Service providers).

VASPs who have a “meaningful presence” (such as offices and directors) in Singapore must be required to conduct their overseas activities to the same regulatory standards as their Singaporean operations.

This should be done in order to deter “regulatory arbitrage” which allows VASPs to pick and choose regulatory destinations that allow them to operate as they please.

The consultation paper is open to comments until August 20, 2020.

The FATF updated their Recommendations 15 and 16 in June 2019, putting the onus on countries and VASPs to ensure they share user “Travel Rule” transmittal data by June 2020. A new 12 month-review process was announced in June 2020, however this is not an extension, but a final warning from the FATF for countries and VASPs to implement suitable Travel Rule solutions.

Also, the European Union’s Fifth Anti-Money Laundering Directive (AMLD5) reached its transposition deadline in January 2020, with some consequences for Singaporean companies.

Meanwhile in the United States, the federal regulator FinCEN issued their Convertible Virtual Currency guidance and began to pursue unlicensed money transmitters under the Bank Secrecy Act (BSA)’s original Travel Rule. 


2. An Overview of Singapore’s Crypto Regulation

Singapore has had designs on creating a cashless society for over 30 years and its sophisticated new regulatory framework has made it one of the most forward-thinking jurisdictions when it comes to regulating digital assets.

As a result, Singapore is one of top 3 largest launch pads for new crypto projects (after the US and Switzerland) and some of the world’s biggest cryptocurrency names call it home.

Crypto companies looking to operate in Singapore need to familiarize themselves with a few core concepts, namely: “MAS”, “PSA”, “PSN02” and “DPT”. 

2.1 What is the Monetary Authority of Singapore (MAS)?

The Monetary Authority of Singapore (MAS), established in 1971, is Singapore’s central bank and main financial regulator.

The MAS governs the country’s financial sector and issues and manages legislation and regulations concerning money, banking, insurance, currency, securities and other financial affairs. 

2.2 Singapore’s Payment Services Act (PSA) of 2019

On 14 January 2019, Singapore passed its comprehensive Payment Services Act (PSA), consolidating years of regulatory development. The PSA, also known as the PS Act, aims to regulate both traditional and cryptocurrency-based payments under comprehensive piece of legislation.

The PSA came into effect on 28 January 2020 and the MAS has already used it to take action against unlicensed crypto traders (please note Singapore’s PSA should be distinguished from Japan’s Payment Services Act).

The PS Act updates Singapore’s regulatory framework for payment services in order to improve consumer protection and confidence in the use of e-payments. It also brings the regulation of digital assets under its oversight. 

The MAS building in Singapore

The PSA enables the MAS to govern payment systems considered “crucial to financial stability”. It requires so-called “Digital Payment Token” (DPT) service providers, the vast majority of crypto-related businesses in Singapore, to adhere to strict new AML/CFT compliance requirements.

The PS Act also makes it mandatory for payment service providers to register and apply for one of three licenses depending on their operations. Failure to do so may result in severe punitive actions.

The PSA was further amended by the PSN02 notice in December 2019, which introduced a list of AML requirements and an unofficial local interpretation of FATF’s Travel Rule for Singaporean DPT services ( the PSN02’s paragraph 13 on value transfers) to comply with in order to qualify for licensing.

Who does the PSA apply to?

According to the Payment Services Act’s FAQ section. it applies to:

(1) A person that wishes to carry on a business of providing any type of payment service may apply to the Authority, in such form and manner as the Authority may require, for the appropriate licence under this section.
(2) The types of licences that may be applied for under subsection (1) are as follows:
(a) a money‑changing licence;
(b) a standard payment institution licence;
(c) a major payment institution licence.
(3) A person must have in force a money‑changing licence to be entitled to carry on a business of providing a money‑changing service, unless the person has in force a standard payment institution licence or major payment institution licence that entitles the person to carry on a business of providing that service.
(4) A person must have in force a standard payment institution licence or a major payment institution licence to be entitled to carry on a business. This is if they provide some of the following 7 payment services:

For a business that provides any one of the following 6 services:

  1. account issuance service
  2. domestic money transfer service
  3. inward cross-border money transfer service
  4. merchant acquisition service
  5. e-money issuance service (with a float not exceeding $30 million)
  6. digital payment token service (applies to cryptocurrency services)

For a business that provides any two or more of the above services, including:

7. money -changing service

2.3 The Payment Services Notice PSN02 (December 2019)

On 5 December the MAS published an amendment to the PSA that focused on crypto assets: Notice PSN02 Prevention of Money Laundering and Countering the Financing of Terrorism – Digital Payment Token Service. The MAS’s preceding PSN01 notice applied to non-DPT service providers. 

The PSN02 guidance, which also came into effect on 28 January 2020, puts in place robust AML/CFT controls to detect and stop the illegal flow of funds through Singapore via digital token payment services. Control measures include KYC processes (including beneficial ownership), account reviews and suspicious transaction monitoring and reporting.

2.4 Consultation Paper on a New Omnibus Act for the Financial Sector (July 2020)

On 21 July 2020, the MAS published the 99-page Consultation Paper on a New Omnibus Act for the Financial Sector that seeks in part to bring Singapore’s VASP regulation in line with the FATF Standards.

One proposed recommendation targets the overseas activities of Singapore-based VASPs.

If passed, VASPs who have a “meaningful presence” ( such as offices and directors) in Singapore will be required to conduct their overseas activities to the same regulatory standards as their Singaporean operations.

This should be done in order to deter “regulatory arbitrage” which allows VASPs to pick and choose regulatory destinations that favor them the most.

The consultation paper is open to the public for comments until August 20, 2020.


3. Singapore’s Digital Payment Tokens (DPTs) and Service Providers

3.1 What is a “Digital Payment Token” (DPT)?

According to the PSA, the term ‘digital payment token’ encompasses:

” any digital representation of value that is expressed as a unit, not denominated in any currency or pegged to any currency, intended to be a medium of exchange accepted by the public as payment and can be transferred, stored or traded electronically.”

3.2 What is a Digital Payment Token Service Provider?

Digital Payment Token (DPT) service providers can be described as companies or persons who provide either exchange services for DPTs or platforms where these crypto assets can be sold within Singapore.

3.3 Types of DPT Services Provided

The PSA now regulates entities offering any of the following DPT-related services as digital payment token service providers:

  • Buying or selling DPTs;
  • Establishing or operating a DPT exchange; and
  • Participating in and offering financial services related to the offer and/or sale of a DPT by an issuer.
  • Transfer or transmittal of DPTs from one DPT address to another
  • Inducing (or attempting to induce) any person to buy or sell DPTs (without the DPT service provider actually accessing any money or DPTs)

3.4 What is a Digital Payment Token Transfer Service?

According to the PSN02, a “digital payment token transfer service” refers to the service of accepting digital payment token from one digital payment token address or account, whether in Singapore or outside Singapore, as principal or agent, for the purposes of transferring, or arranging for the transfer of, the digital payment token to another digital payment token address or account, whether in or outside of Singapore.

3.5 AML/CFT requirements for DPT services

In addition to complying with the PSN02’s travel rule, DPT service providers like crypto exchanges in Singapore must also meet the following comprehensive AML/CFT requirements in order to successfully apply for the MAS’ required license:

  • Risk assessment and risk mitigation
  • Customer due diligence (CDD).
  • Reliance on third parties
  • Correspondent accounts and wire transfers
  • Record-keeping
  • Suspicious transaction reporting.
  • Internal policies, compliance, audit and training

On 16 March the MAS published the expansive, 73-page Guidelines to PSN02 to further clarify the AML/CFT obligations of financial institutions.

PSN02 Guidelines

4. PSN02 Paragraph 13 on Value Transfers

The PSN02 notice further aligned Singapore’s crypto-asset regulation with that of the FATF Standards, in some ways exceeding its expectations. PSN02 covers areas such as DPT transfers, custodial wallet provision for and on behalf of clients and DPT transmittal brokering. 

Paragraph 13 defines the concept of “value transfers” and explains which parties it covers.

Value Transfers

“Value transfer” refers to any transaction carried out on behalf of a value transfer originator through a financial institution with a view to making one or more digital payment tokens, available to a beneficiary person at a beneficiary institution, irrespective of whether the originator and the beneficiary are the same person.”

13.1 Paragraph 13 shall apply to a payment service provider when it effects the sending of one or more digital payment tokens by value transfer or when it receives one or more digital payment tokens by value transfer on the account of the value transfer originator or the value transfer beneficiary. 

The notice further explains various concepts such as batch transfer, intermediary institution, unique transaction reference number, value transfer beneficiary, value transfer originator

Comparing Singapore’s PSA and the FATF’s R.16’s requirements for VASPs 

The Singapore PSA is closely aligned with FATF’s Recommendation 16 requirements for VASPs, as can be seen from this table:


Singapore PSAFATF Travel Rule
Transaction Threshold:Over S$1,500 (roughly $1000)Over USD 1,000
Originator Account NumberAccount or unique transaction referenceAccount or unique transaction reference
Originator Name & Identification-ID card or 
-Birth Certificate or
-Passport or
-Business certificate
date & place of birth


-National or
customer ID number or
-unique identifier to date and place of birth


Proof of Address

Physical Address

Physical address
Date of Value TransferYesNo
Amount & Asset TypeYesNo
Beneficiary Data:
-Name
-Account number
-Any unique identifier
-Name
-Account number
-Any unique identifier

5. How to Apply for a MAS License for DPT Services

In order to be considered for a MAS license to operate in Singapore, digital payment token service providers need to complete 2 basic steps:

Step 1: Register as a DPT service operating in Singapore

The MAS gave existing DPT service providers a month to register following its announcement on 28 January 2020, effectively meaning that all Singaporean crypto exchanges and businesses had to notify MAS and register before the 1st of March 2020. 

Step 2: Apply for a DPT license

Persons who successfully registered their DPT were exempt from needing a license for 6 months from January 28th. They next have to notify the MAS to be assessed in line with the PSA and PSN02’s AML/CFT requirements in order to apply for a license to do business in Singapore. Here are some MAS guidelines to consider.


6. Types of MAS DPT Service Licenses

The MAS has eschewed a one-size-fits-all licensing regime for Singaporean DPT Services in favor of an activity-based licensing framework that also takes ML/TF risk into account.

The activity-based licensing tiers are more responsive and flexible, to help the MAS keep up with the constant evolution of digital payment services without stifling technological innovation.

Therefore, the MAS has created 3 distinctly different licenses, which it will assign to applicants based on their associated activity and risk:

  1. “Money-changer”:
    -a license for those who only provide money-changing services. Its regulation will help to mitigate money laundering (ML) and terrorist financing (TF) risks
  2. “Standard payment institution”:
    -This less restrictive license applies to companies with average monthly transactions for any activity of under $3 million, and less than $5 million of e-money float per day. 
  3. “Major payment institution”:
    -This applies to the bigger service providers, who average more than $3 million p.m. on payment transactions and over $5m on its average e-money float per day. This is the most regulated licensing level and also requires higher capital thresholds ($250,000) and a $100k security deposit. 

7. Singapore’s PSA enforcements in 2020

In late June 2020, Singapore logged its first enforcement of the Payment Services Act of 2019, against an unlicensed crypto seller. 

Singapore police detained and charged a young woman, identified as Vivian Lange, with violating the PSA. Ms. Lange allegedly purchased $2,400 in Bitcoin on behalf of a loan shark using scam-related funds, without being licensed as a DPT service provider.

Miss Lange could be fined a maximum of $88,000 and receive 3 years in prison for contravening the PSA, by undertaking unlicensed DPT services “on the instruction of an unknown person in return for a commission.”


8. Conclusion

Singapore’s Payment Services Act has provided the country with one of the clearest and most pragmatic regulatory frameworks to govern cryptocurrency services in the world.

In doing so, digital payment token service providers now have a complete rule book to comply with the MAS’ licensing requirements.

With the PSA, the Monetary Authority of Singapore has positioned itself as a progressive destination for financial investors and service providers in both the digital and traditional asset sectors.

Written by Werner Vermaak


About CoolBitX and Sygna Bridge

CoolBitX’s Sygna Bridge is a first-to-market travel rule solution and alliance network that is live and being used by our VASP partners to share compliant originator and beneficiary transmittal information.

This image has an empty alt attribute; its file name is sygna-bridge-gif-1024x439.gif

Sygna Bridge completed a successful production test report (Big 4 audited) earlier this year, which was presented to the FATF Contact Group in May 2020. Sygna Bridge now also supports the IVMS101 messaging standard.

CoolBitX has signed MoUs with 18 VASPs worldwide and recently joined forces with Elliptic in a combined quest to help crypto companies comply with the FATF Standards.

For enquiries on the FATF Travel Rule and our Sygna Bridge solution for VASPs, please contact us at [email protected].

CoolBitX Releases Sygna Bridge 2.0 with IVMS101 Support

GDF Travel Rule Summit: Sygna Bridge Joins Biggest Crypto Regtech Discussion