Skip to main content

This comprehensive guide provides all the essential information about KYC/AML in Singapore. Singapore boasts a robust and open economy, offering reasonable taxes and a highly skilled labor market. Its international business focus has attracted companies from around the globe. It’s no wonder that the World Bank ranks Singapore as the second-best country for business. However, Singapore’s open economy can be a magnet for financial criminals seeking to launder money or fund terrorism. To address this risk, Singapore has established multiple governmental authorities and a robust AML regulatory framework.

Since 2016, Singapore has taken significant actions to strengthen its AML framework, earning praise from international organizations like the Financial Action Task Force (FATF). FATF’s latest review acknowledged Singapore’s steady development of its AML regulatory framework and effective implementation by companies.

Businesses planning to enter the Singaporean market must comply with relevant regulations and guidelines. To simplify this process, FACEKI has prepared this article to explain how companies can remain compliant.

Who’s Affected in Singapore?

AML regulations in Singapore apply to financial institutions and designated businesses, including:

· Banks

· Casinos

· Exchange companies

· Brokers

· Financial advisers

· Real estate agents

· Dealers of precious metals

· Payment service providers

The following types of transactions fall under AML regulations:

· Money transfers (domestic and international)

· E-money issuance

· Account issuance

· Money exchange

· Virtual assets

Who Are the Regulators?

The Monetary Authority of Singapore (MAS) is Singapore’s central bank and integrated financial regulator. It regulates and licenses financial institutions such as banks, crypto-related businesses, and brokers. The MAS also publishes guidelines for other financial institutions like insurance companies.

Besides MAS, Singapore has specific regulators for certain sectors. For example, casinos are overseen by the Casino Regulatory Authority of Singapore, and real estate agencies must comply with Council for Estate Agencies regulations.

What Are the Regulations in Singapore?

Singapore’s primary AML regulation is the Corruption, Drug Trafficking, and Other Serious Crimes Act 1992 (CDSA). This Act defines government authorities’ roles and imposes rules for money laundering prevention, including reporting procedures and penalties.

Other essential AML regulations include MAS Notices 626, 1014, 824, PSN01, and PSN02. Payment service providers’ licensing and regulation are governed by the Singapore Payment Services Act (PSA), which covers diverse services like domestic and cross-border money transfers, account issuance, and more.

The PSA also regulates Virtual Asset Service Providers (VASPs), encompassing entities dealing with digital tokens/cryptocurrencies, providing exchange or custodial services for tokens, or promoting these services.

How to Stay Compliant

To maintain compliance, companies must adhere to obligations set out by the Corruption, Drug Trafficking, and other Serious Crimes (Confiscation of Benefits) Act 1992 (CDSA). These include:

· Establishing internal policies and procedures for compliance and AML monitoring, based on a risk-based approach.

· Communicating policies to employees, including regular updates.

· Providing adequate training to staff on identifying and addressing suspicious activity.

· Conducting business risk assessments to identify ML/FT risk.

· Appointing a compliance officer and defining their roles.

· Reporting suspicious transactions to regulatory authorities.

Designated Non-Financial Businesses and Professions (DNFBPs)

DNFBPs defined under Singapore’s AML/CFT regulations include various entities such as dealers in precious stones & metals, real estate sector (agents & developers), lawyers, corporate service providers, public accountants, casinos, pawnbrokers, and outsourcing service providers.

Financial institutions should employ a risk-based approach when assessing checks performed by their outsourced parties, as they retain liability for potential inadequacies.

Additionally, if an outsourced party has conducted its own Customer Due Diligence (CDD) on a new customer, the financial institution can rely on that CDD under specific conditions.


Financial institutions with a large customer volume are expected to implement automated systems capable of handling numerous CDD requests and various customer transactions. The MAS encourages the use of statistical tools and methods for transaction monitoring.

Financial institutions should periodically test and adjust their transaction monitoring rules to identify suspicious transactions, even in complex cases. Analysts should investigate transaction histories and other relevant notifications to assess broader ML/TF patterns.

Singapore Value Transfers

Before conducting a value transfer, an ordering institution must identify the value transfer originator, record necessary details, and comply with specific requirements based on the transfer’s value.

Performing Customer Due Diligence (CDD)

Regulated entities must establish proper CDD procedures, which involve collecting and verifying customer information during onboarding. CDD includes identifying, verifying, and continuously monitoring customer information.

Legal persons or legal arrangements also have specific CDD requirements, including background checks on directors, shareholders, and ultimate beneficial owners.

Provisions for PEPs in Singapore

Financial institutions must obtain senior management approval before establishing or continuing business relationships with Politically Exposed Persons (PEPs). Enhanced monitoring, source of wealth understanding, and reporting of unusual activity are required for PEPs and their close associates.


Financial institutions must keep records on customers and transactions for at least five years. This includes account files, business correspondences, and investigation-related records.

Reporting in Singapore

The Suspicious Transaction Reporting Office (STRO) analyzes reports submitted by companies. Regulated entities must report suspicious activities without informing the subject, as tipping-off is an offense.

Dealers of precious stones and metals must report transactions exceeding S$20,000, while casinos must report transactions exceeding S$10,000, within 15 business days.

Financial institutions should engage in ongoing and extensive monitoring of suspicious clients, investigating transaction histories and behaviors. Enhanced measures should be taken when maintaining relationships with suspicious clients.


Penalties for money laundering activities under CDSA include fines and imprisonment for individuals, and fines for companies. Companies failing to comply with AML regulations may face warnings, reprimands, prohibition orders, management removal, license termination, and monetary penalties. The maximum monetary penalty for financial institutions is S$1,000,000.

Contact FACEKI to book a demo today.