Basic Research on Singapore's Encryption Tax System and Regulatory Framework (II)

Written by: FinTech

The upper part of the content is a direct access vehicle "Basic Research on the Cryptocurrency Tax System and Regulatory Framework in Singapore (I)"

4. Basic Research on Cryptocurrency Regulation in Singapore

(1) Basic Framework

In recent years, Singapore has continuously strengthened and improved the regulatory framework for cryptocurrency assets, gradually forming a legal framework centered around the Payment Services Act 2019 (PSA) and the Financial Services and Markets Act 2022 (FSMA). The former establishes licensing management for Digital Payment Token (DPT) services, anti-money laundering and counter-terrorism financing (AML/CFT) requirements, and operational compliance obligations; the latter supplements provisions related to market integrity, cross-border cooperation, and law enforcement authority within a broader scope of financial services. These two laws are interconnected, providing clear legal basis and compliance boundaries for the issuance, trading, custody, payment, and related services of cryptocurrency assets.

Under this framework, the Monetary Authority of Singapore (MAS) has significantly tightened its licensing and business conduct regulations in recent years, supplemented by strict enforcement. With the key licensing provisions of the FSMA coming into effect this year, MAS requires all crypto enterprises with entities established in Singapore that only serve overseas clients to obtain a license within a specified period, or they will face hefty fines and criminal charges; the trading platform Tokenize Xchange announced its exit from the Singapore market due to obstacles in its license application and will shift its business to Malaysia and Abu Dhabi; meanwhile, Binance has chosen to retain its local team to continue advancing its license application, while Bitget, Bybit, and others are considering relocating some operations to regions with relatively loose regulations.

(2) Key Provisions

The PSA is the first comprehensive regulation to systematically incorporate Digital Payment Token (DPT) services, aimed at addressing the payment and capital flow risks brought about by the rise of financial technology (FinTech) and crypto assets.

The law adopts the approach of "functional regulation", meaning that regardless of the technical form, as long as it involves the flow of funds and payment functions, it falls within the scope of regulation. In terms of specific design, the PSA classifies payment services, specifically establishing a category for "digital payment token services", which covers various business activities including the exchange of tokens and fiat currency, the exchange of tokens for tokens, token custody, wallet services, and intermediary matching. The system directly requires all relevant institutions to apply for a license before entering the Singapore market, with common license types including standard payment institution licenses and major payment institution licenses. The former is suitable for smaller businesses, while the latter imposes higher requirements on capital, risk management, and compliance levels. To prevent systemic risks, the PSA also establishes strict compliance and business supervision requirements, such as customer identity verification (KYC), anti-money laundering and counter-terrorism financing (AML/CFT) procedures, customer fund security and segregation measures, prohibition of misleading advertising and market manipulation, as well as the requirement to submit regular business and financial reports to the Monetary Authority of Singapore (MAS). In recent years, as the application threshold has tightened, many internationally renowned trading platforms (such as Binance, Bybit, Crypto.com, etc.) have encountered strict scrutiny in their license applications, with some even withdrawing from the Singapore market. This phenomenon directly reflects the PSA's institutional orientation of "high thresholds and strong regulation."

FSMA is mainly used to address the shortcomings of PSA in cross-border operations, market integrity, and enforcement.

As Singapore gradually becomes a regional cryptocurrency hub, a large number of overseas service providers are offering DPT services to Singapore residents online, and the FSMA has emerged, further expanding regulatory reach. Its key provisions include: first, cross-border regulation, which clarifies that even if a company operates abroad, as long as it provides relevant services to Singaporean customers, it must comply with local regulations; otherwise, it will face criminal or civil penalties; second, market integrity, which grants MAS greater power to combat market manipulation, false statements, insider trading, and other behaviors to maintain market credibility; third, anti-money laundering and counter-terrorist financing, requiring both domestic and foreign service providers to comply with international standards, enhancing cross-border information disclosure and reporting mechanisms; fourth, enforcement power, granting MAS the authority to directly impose fines, injunctions, business restrictions, and even criminal prosecutions. These provisions have directly changed the industry landscape; on one hand, some unlicensed overseas exchanges have been forced to exit due to their inability to legally reach Singaporean customers, while on the other hand, licensed institutions must bear higher capital and transparency requirements, such as establishing a more robust internal compliance system and risk control framework. It is worth mentioning that some key provisions in the FSMA have been implemented in phases after their release, and all will come into effect by June 30, 2025.

(3) Specific rules

1. License

Singapore implements a strict licensing and permit management system for Digital Payment Token Service Providers (DPTSP), primarily based on the Payment Services Act 2019 (PSA) and its amendments, as well as the relevant provisions in Part 9 of the Financial Services and Markets Act 2022 (FSMA).

DPT license system under PSA

According to the PSA, the sixth category "digital payment token services" has been officially included in the regulatory scope. This category covers the exchange between digital payment tokens and fiat currencies, the exchange between tokens, token custody, wallet services, intermediary matching, and other businesses. Institutions providing the above services must apply for one of the following two types of licenses:

Standard Payment Institution License (SPI): Applicable to small and medium-sized DPTSPs. Application requirements include: being registered as a Singaporean enterprise, having a local place of business and records available for regulatory inquiries, at least one management member must be a Singapore citizen, permanent resident, or holding an employment pass; minimum registered capital of SGD 100,000, and must possess risk management capabilities commensurate with the scale of the business.

Major Payment Institution (MPI): Applicable to enterprises with high transaction volumes or involving multiple payment services. This license requires higher standards, typically including larger capital reserves, client fund segregation, security assurance mechanisms, and more.

In 2023, MAS further strengthened the application requirements. All enterprises applying for new licenses or changing licenses to add DPT services must submit a legal opinion letter issued by a professional law firm, which must clearly outline the business model and whether the relevant services are subject to PSA jurisdiction. Additionally, a compliance assessment report completed by an independent external auditing firm must also be provided, covering business compliance and AML/CFT mechanisms, among other things.

DTSP Expanded Regulation under FSMA

Part 9 of the FSMA introduces a licensing system for Digital Token Service Providers (DTSP), aiming to fill the regulatory gap in cross-border business oversight left by the PSA. Starting from June 30, 2025, any company registered in Singapore or having a substantial operational presence in Singapore, which provides digital token services to overseas clients, will be required to apply for a DTSP license.

MAS stated that the money laundering risk of such DTSP models is high and the regulatory difficulty is great, so it is unlikely to approve such licenses, effectively blocking the regulatory arbitrage gray area. Even in the very rare cases where licenses are issued, they must strictly comply with a series of standards, including AML/CFT checks, cross-border information sharing, and compliance with technical and business requirements.

Whether under the PSA or the FSMA licensing regime, both aim to ensure that digital payment token services operate under high standards of regulation in Singapore through high-bar licenses, strict compliance requirements, and the prevention of regulatory arbitrage. These measures help maintain financial stability and market integrity, while also clarifying the entry boundaries for legitimate operators.

2. Stablecoin

Singapore has become the first in the world to launch a dedicated regulatory framework for stablecoins, with the Monetary Authority of Singapore (MAS) releasing the "Regulatory Framework for Stablecoins" in August 2023. This will come into effect in October 2024 through amendments to the Payment Services Act (PSA) and accompanying subsidiary legislation. This framework mainly targets "Qualified Stablecoins" (Single-Currency Stablecoins, SCS) and aims to ensure user fund security, enhance transparency, and boost market confidence.

According to the regulations of MAS, only stablecoins that meet the following conditions can be recognized as "qualified stablecoins" (MAS-regulated Stablecoins):

Anchor Objects: Must be fully anchored and exchanged at a 1:1 rate for Singapore Dollar (SGD) or legal tender of G10 currencies;

Issuing entity: Only issuers that are registered and regulated in Singapore;

Issuance scale: The circulating scale must reach / exceed 5 million Singapore dollars to be included in the mandatory regulatory scope;

Payment attribute: It should mainly be used as a payment tool, rather than a speculative investment token.

To ensure the redemption capability of stablecoins, regulators require qualified stablecoins to have sufficient high-quality reserve assets.

100% Reserve Support: The total issuance must be fully backed by low-risk, highly liquid assets (such as cash and treasury bonds);

Custody requirements: Reserve assets must be held in regulated financial institutions (banks or custodians) and segregated from the issuer's own funds;

Regular Audits: Issuers must publicly disclose reserve reports monthly and conduct annual audits by an independent auditing firm to ensure adequacy and transparency.

Stablecoin issuers must fulfill a series of information disclosure and risk management obligations:

White paper disclosure: A detailed white paper must be published to explain the governance mechanism, reserve arrangements, and settlement and payment rules;

Risk Warning: Clearly inform users that stablecoins are not risk-free and carry market liquidity and technical risks;

Redemption obligation: Must commit to redeeming at a 1:1 ratio within a reasonable time (usually within 5 working days);

Prohibition of mixed issuance: The same institution is not allowed to issue both regulated and unregulated stablecoins simultaneously to prevent confusion among investors.

The Monetary Authority of Singapore (MAS) aims to establish a "trustworthy category of stablecoins" through the regulation of stablecoins. Qualified stablecoins will enjoy higher recognition in payment systems and financial applications, and MAS also plans to allow these stablecoins to interoperate with traditional electronic payment systems. In contrast, unqualified stablecoins (such as tokens pegged to non-G10 currencies) are not allowed to be marketed as stablecoins under MAS regulation and may face stricter advertising and usage restrictions.

3. Compliance and Reporting

In Singapore, digital payment token service providers (DPTSP) must not only obtain a license but also comply with strict compliance and reporting obligations. These requirements mainly stem from the Payment Services Act (PSA), the Financial Services and Markets Act (FSMA), and relevant guidelines from the Monetary Authority of Singapore (MAS), focusing on three aspects: KYC/AML processes, transaction record keeping, and reporting of suspicious transactions.

DPT service providers are required to implement comprehensive customer due diligence (CDD) and ongoing monitoring measures:

Know Your Customer (KYC): Before opening an account or conducting large transactions, customer identity must be verified, and information such as name, address, and identification documents must be collected (PSA §23, FSMA §36);

Risk-based management: Service providers must implement differentiated due diligence measures based on the client's risk level (high-risk clients such as cross-border fund movers and politically exposed persons - PEPs).

Continuous Monitoring: Continuously monitor customers' trading patterns. If any abnormal trading patterns are detected, investigations must be strengthened and records must be kept.

All transactions and customer data related to DPT must be fully recorded by service providers for future regulatory review or law enforcement.

Retention period: At least 5 years (PSA §47);

Record scope: including transaction date, amount, counterparty identity, payment tool, source and purpose of funds.

Electronic archiving requirements: Electronic systems are allowed for storage, but the authenticity, integrity, and traceability of the data must be ensured.

According to Singapore's Control of Drugs Act (CDSA) and the Terrorism (Suppression of Financing) Act (TFA), all DPT service providers have the obligation to report suspicious transactions:

Triggering conditions: If the service provider is aware of or suspects that a transaction involves money laundering, terrorist financing, or other illegal activities, they must submit a suspicious transaction report to the Singapore Financial Intelligence Unit (STRO, Suspicious Transaction Reporting Office) within 15 working days.

Criminal liability: If the declaration is not made as required, both the organization and the responsible person may bear criminal liability (CDSA §39, TFA §8);

International Cooperation: MAS shares part of the STR data with overseas regulatory authorities for cross-border law enforcement cooperation.

Through compliance and reporting mechanisms, Singapore ensures the transparency and traceability of the DPT market. KYC/AML processes can prevent anonymous transactions from concealing illegal fund flows; transaction records are kept to provide evidence for subsequent audits and regulatory investigations; and suspicious transaction reporting provides an early warning mechanism for combating cross-border money laundering and terrorist financing. The combination of these three factors has established a relatively stringent compliance baseline for crypto assets in Singapore on a global scale.

4. Investor Protection

In Singapore, financial regulators not only focus on financial stability and compliance obligations but also place a high emphasis on investor protection related to crypto assets. The core requirements are reflected in advertising restrictions, risk disclosure obligations, and the prohibition of misleading statements. These mainly stem from the Financial Services and Markets Act (FSMA 2022), the Payment Services Act (PSA 2019), and the specific guidelines issued by MAS (especially the MAS 2022 "Advertising Guidelines for Digital Payment Token Service Providers").

The MAS clearly requires that DPT service providers must not promote their services to the retail public through exaggerated claims of profits or improper channels.

Restricted Channels: Promotion of DPT services is prohibited in public places (such as subways, bus stations, shopping malls) or in activities with high public contact.

Promotional media: Gifts, lotteries, airdrops, and other methods must not be used to attract public participation;

Allowed channels: Information disclosure can only be made through the official website, mobile application, or official social media pages.

All DPT service providers must prominently display risk warnings in the customer interface to ensure that investors are aware of the high-risk characteristics of digital assets:

Disclaimer: "Cryptocurrencies are not suitable for all investors, their value may fluctuate significantly and may result in a total loss."

Presentation: The prompts must be clear and visible, and must not be hidden in lengthy documents or small font terms.

Retail Investor Protection: For customers making their first trade, service providers must conduct a suitability assessment to confirm their risk tolerance.

DPT service providers must adhere to the principles of truthful, complete, and non-misleading statements:

Prohibited actions: Do not use misleading terms such as "guaranteed returns", "zero risk", and "capital preservation".

Information Disclosure: Complete, accurate, and easily understandable descriptions must be provided regarding product terms, fees, custody arrangements, clearing mechanisms, etc.;

Consequences of violations: If misleading statements are provided, MAS has the right to revoke licenses, impose heavy fines, and in severe cases, pursue criminal responsibility.

The core logic of Singapore's investor protection mechanism lies in suppressing improper promotion + strengthening risk awareness + ensuring truthful disclosure. The MAS specifically emphasized in 2022 that cryptocurrencies should not be promoted as a "get-rich-quick scheme," but should guide market participants to rationally recognize risks. This series of measures has made Singapore one of the first jurisdictions in the world to impose stringent regulations on cryptocurrency advertising and risk warnings, effectively reducing the risk of significant losses for retail investors due to information asymmetry and market speculation.

Overall, Singapore's regulatory orientation has always reflected a compliance-first logic. The regulatory authorities have established a clear legal framework, supplemented by detailed execution standards, systematically incorporating cryptocurrency businesses into the existing financial governance system. International media and the industry generally believe that this institutional arrangement effectively enhances market transparency and consolidates Singapore's reputation as a compliant global financial center. However, at the same time, the high compliance thresholds have objectively prompted some companies to relocate to jurisdictions with looser regulations, such as Hong Kong or Dubai. As a result, Singapore is gradually forming a benchmark image of strict regulation in the global cryptocurrency governance landscape: in the short term, it may suppress market expansion and innovation vitality, but in the long term, it will help shape a stable, secure, and sustainable market environment. In summary, this section has systematically summarized the relevant regulations and regulatory practices, with the main threads clearly presented; for more detailed clause-level information, please refer to the original texts of the PSA and FSMA.

V. Conclusion

Overall, Singapore has established a relatively comprehensive dual framework of taxation and regulation in the governance of crypto assets.

In terms of taxation, the government has always insisted on treating cryptocurrencies as non-legal tender, so daily use is mainly subject to income tax and Goods and Services Tax (GST) rules: whether profiting from trading, using tokens to pay for goods and services, or issuing and exchanging digital tokens, there are clear taxable and exempt boundaries. Since Singapore does not have capital gains tax, selling purely due to the appreciation of held crypto assets is usually not taxed, which keeps it relatively simple in terms of taxation.

In terms of regulation, Singapore adheres to a compliance-first approach, establishing a legal framework centered around the Payment Services Act (PSA 2019) and the Financial Services and Markets Act (FSMA 2022), which includes detailed rules on licensing, stablecoin management, compliance and reporting, and investor protection. The Monetary Authority of Singapore (MAS) ensures that the market operates under high transparency and high threshold conditions through strict enforcement and ongoing guidance. Although some companies choose to shift towards relatively relaxed jurisdictions such as Hong Kong or Dubai due to costs and restrictions, Singapore has gained global recognition for its high standard regulatory model, providing institutional support for the long-term sustainable development of the market.

Looking globally, Singapore's path highlights a combination model of clear taxation and strict regulation: compared to the fragmented regulation in the United States, the European Union is still gradually advancing the Markets in Crypto-Assets Regulation (MiCA), and the UK is lagging in stablecoin regulation, Singapore has already established a more complete institutional framework. This high threshold may suppress business expansion in the short term, but in the long run, it provides replicable experience for integrating crypto assets into the traditional financial system through a transparent and stable institutional environment.