Singapore AML Compliance — MAS AML/CFT Notice, PSA & KYC

Singapore's AML/CFT framework is built on the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act (CDSA) and the Terrorism (Suppression of Financing) Act. Financial institutions are supervised by the Monetary Authority of Singapore (MAS), while Corporate Service Providers, accountants, and other Designated Non-Financial Businesses and Professions (DNFBPs) fall under sector regulators such as ACRA and ISCA. Obligations include customer due diligence (CDD), beneficial ownership identification, ongoing transaction monitoring, and filing Suspicious Transaction Reports (STRs) with the Suspicious Transaction Reporting Office (STRO) via the SONAR system.

AML/CFT supervision in Singapore is shared across regulators. MAS supervises banks, payment institutions, capital markets entities, and digital token service providers, issuing binding Notices (such as MAS Notice 626 for banks). ACRA regulates Corporate Service Providers and company secretaries. The Singapore Police Force's Commercial Affairs Department (CAD) houses the Suspicious Transaction Reporting Office (STRO), Singapore's financial intelligence unit, which receives all STRs. Singapore is a founding member of the FATF and was assessed as largely compliant in its most recent mutual evaluation.

Yes. Since 2017, Singapore companies must maintain a Register of Registrable Controllers (RORC) identifying individuals with significant control or ownership (generally 25% or more of shares or voting rights). The RORC must be kept at the registered office or with a Corporate Service Provider, and the information is also filed with ACRA's central register. Nominee directors and shareholders must additionally disclose their nominee status. Failure to maintain accurate controller information is an offence under the Companies Act.

An STR is a mandatory report filed when a person knows or has reasonable grounds to suspect that property is connected to criminal conduct or terrorism financing. Under the CDSA, STRs must be filed with the STRO as soon as reasonably practicable, through the online SONAR portal. The obligation applies to all persons, not only regulated entities, and 'tipping off' the subject of a report is a separate criminal offence. INNOVA prepares STR documentation and advises on the filing threshold for DNFBP clients.

Penalties are among the most stringent in Asia. Failure to file an STR under the CDSA can result in a fine of up to S$250,000 and/or imprisonment. MAS has imposed composition penalties and financial penalties running into the tens of millions of dollars on financial institutions for AML control failures. Corporate Service Providers face disciplinary action and licence revocation by ACRA. Directors can be held personally liable for systemic compliance failures, making a documented AML programme essential.