A Guide to Anti-Money Laundering for Crypto Firms
Explore the essentials of building and scaling a crypto AML program and how to navigate regulatory change.
Download the GuideOn July 3, 2023, the Monetary Authority of Singapore (MAS) announced new investor protection measures for Digital Payment Token (DPT) service providers. The measures intend to address two primary risks:
The current Payment Services Regulations draft amendments are open for public consultation until August 3, 2023. The measures follow a previous 2022 public consultancy in which participants supported vital steps to protect customers, requiring firms to:
In response to the 2022 consultancy feedback, MAS highlighted the importance of strictly segregating customer assets on a different blockchain address. The authority rejected the proposal to allow the commingling of assets with customer consent, citing recent virtual asset vulnerabilities as creating too significant a risk.
In one of the more debated measures, MAS stated that DPT service providers would not be permitted to facilitate crypto staking for their retail clientele. The rationale for this prohibition is tied to a higher risk of asset loss to customers who have staked their digital currency.
As an alternative to proof-of-work validation models, proof-of-stake models generate new crypto coins through a process requiring customers to stake their assets for a set time in hopes of being selected for a reward. Because the method requires customers to tie up assets for days, it is subject to volatility and exposes customers to potential loss of value.
However, supporters of the practice point out the work that has gone into making the practice secure, alongside its speed and eco-friendliness, compared to much-discussed proof-of-work models. MAS stated it will “monitor market developments and consumer risk awareness as these evolve, and will take steps to ensure that our measures remain balanced and appropriate.”
In the same response to the earlier consultation, MAS emphasized that it would proceed with requirements for DPT service providers to “maintain adequate systems, processes, controls, human resources, and governance arrangements to ensure the integrity and security of customers’ assets.” The regulator highlighted that this includes segregation of duties, “operational controls” protecting customers’ cryptographic keys, and following risk management best practices outlined in its 2021 Guidelines on Risk Management Practices – Technology Risk.
It also called for the implementation of technological resources for sound risk management, stating:
MAS strongly encourages DPTSPs to take proactive steps to adopt technological solutions that enable the development of local custody solutions and strong risk management expertise, including putting in place appropriate and practical arrangements to keep such devices locally, that will strengthen the risk management controls of their business in Singapore.
Source: Monetary Authority of Singapore
Firms should study the consultation and remain on the lookout for upcoming related guidance, which the MAS will publish to support compliance.
Explore the essentials of building and scaling a crypto AML program and how to navigate regulatory change.
Download the GuideOriginally published 06 July 2023, updated 07 July 2023
Disclaimer: This is for general information only. The information presented does not constitute legal advice. ComplyAdvantage accepts no responsibility for any information contained herein and disclaims and excludes any liability in respect of the contents or for action taken based on this information.
Copyright © 2024 IVXS UK Limited (trading as ComplyAdvantage).