Government debates a new bill that will tighten regulations of digital token service providers and push the maximum penalty financial institutions face to SG$1 million for each breach, and higher if multiple parties are affected.
Singapore has taken another step towards a new bill that seeks to impose higher penalties on financial institutions that suffer a security breach as a result of oversight. It also looks to tighten regulations of digital token services providers to guard against money laundering and terrorist financing risks. If passed, the Financial Services and Markets Bill will push the maximum penalty for each breach of the sector’s technology risk management requirements to SG$1 million ($736,791). The financial penalty can climb further should an incident impact the financial institution’s customers or other partners, resulting in more than a single breach of risk management requirements. This meant that financial companies could face much higher fines for a « serious » cyber attack or disruption to essential financial services, during which multiple breaches occurred, such as an ATM network or online trading disruption, said Alvin Tan, Singapore’s Minister of State, Ministry of Culture, Community and Youth, and Ministry of Trade and Industry. The new Bill would provide Monetary Authority of Singapore (MAS) with powers to enforce technology risk management requirements, said Tan, who also sits on the board of the industry regulator. It also would enable MAS to ensure the « safe and sound » use of technology to deliver financial services and protect data, he said. « Financial institutions today rely heavily on technology to deliver financial services, » the minister noted. « However, the current maximum penalties that can be imposed for breaches of technology risk management requirements are not commensurate with the potential widespread impact to financial institutions’ customers and the financial industry that could result from such breaches.
