All unregistered cryptocurrency companies must withdraw from Singapore by the end of the month! No transition period!

Original | Odaily Planet Daily (@OdailyChina)

Author｜jk

All unregistered crypto companies must withdraw from Singapore by the end of the month! No transition period!

Singapore, located in the heart of Asia and once the preferred landing spot for global Web3 entrepreneurs due to its open yet prudent financial policies, is now undergoing an unprecedented regulatory upheaval.

On May 30, 2025, the Monetary Authority of Singapore (MAS) officially released a regulatory response document for Digital Token Service Providers (DTSP), marking that the new regulations will come into full effect on June 30. This policy not only has no transition period but also sets a baseline of "extremely limited licensing standards" and "criminal liability," effectively ending the "Singapore model," which was once seen as a crypto haven, almost overnight.

Let’s take a look at the eight key points under the new regulations.

1. Core Content of the New Regulations: Obtain a License or Cease Operations by the End of the Month

The document released by the Monetary Authority of Singapore (MAS) on May 30, 2025, formally establishes new regulations for Digital Token Service Providers (DTSP). The core of these regulations is to impose licensing obligations on all individuals or institutions that have a business presence in Singapore and provide digital token services to overseas clients, as stipulated in Section 137 of the Financial Services and Markets Act (FSM Act).

MAS clearly states that regardless of whether the service targets local Singaporean clients, as long as the service is conducted at any "business location" in Singapore, a DTSP license must be obtained; otherwise, it will be considered illegal operation. Previously, if the service was aimed at overseas clients, companies registered in Singapore did not need to obtain a license.

Even more stringent, MAS has refused to establish any transition period in this document. All entities subject to the new regulations must either obtain a DTSP license or completely cease all digital token service operations by June 30, 2025. MAS indicated that licenses would only be granted in "extremely limited circumstances," meaning that the vast majority of service providers do not meet the conditions to continue operating in Singapore. Violating the licensing regulations will constitute a criminal offense and face severe penalties as stipulated in the FSM Act.

2. Which Companies Will Be Affected?

The companies most affected by the new MAS regulations will be those that do not hold a DTSP license but have a physical presence, office, or core team members in Singapore, particularly the following two types of institutions:

International crypto institutions headquartered or primarily operating in Singapore, especially exchanges that previously used Singapore as a hub for the Asia-Pacific region. If certain service modules are not approved for DTSP, they may still touch regulatory red lines.
Web3 companies registered in Singapore but serving global users, unlicensed DEXs, wallets, and cross-chain protocol development teams: Projects that are legally registered in Singapore but target overseas markets, such as certain DeFi protocols, NFT platforms, and blockchain game development teams.

For example, if a decentralized exchange platform (a Uniswap fork project) or a cross-chain bridge team's technical core is based in Singapore, even if they serve global users, they will still fall under compliance risk if they do not obtain a license.

3. How to Obtain a DTSP License? Is It Difficult?

The application threshold for a DTSP (Digital Token Service Provider) license is extremely high. MAS has clearly stated in the latest response document that the license will only be granted under extremely limited circumstances. In other words, obtaining a license is not an open, routine administrative process but rather a special approval based on prudent regulatory logic.

First, the applicant must demonstrate that they have a comprehensive anti-money laundering and counter-terrorism financing (AML/CFT) control system, including customer due diligence (CDD) processes, suspicious transaction reporting mechanisms, technical and cybersecurity protections, due diligence processes when collaborating with third parties, IT system risk control and cybersecurity measures (which must meet the minimum cybersecurity requirements specified in FSM-N31), and an internal compliance structure (including arrangements for key personnel such as compliance officers and risk control heads).

MAS has systematic evaluation requirements for the applicant's compliance capabilities, business transparency, risk control mechanisms, and personnel qualifications. Particularly in terms of customer identity verification, transaction tracking, and data retention, DTSP license holders will face regulatory intensity comparable to or even higher than that of traditional financial institutions.

Therefore, it can be clearly stated that the DTSP license is not only "difficult to obtain," but is also a licensing system that, in terms of policy logic, "does not encourage widespread issuance." MAS's regulatory goal is not to help more crypto service providers comply but to actively filter out high-risk entities, minimizing the reputational and systemic financial risks that Singapore faces due to Web3 activities.

4. Remote Workers: Remote Work for Foreign Companies is Allowed, but Risks Remain

MAS's attitude towards remote workers is particularly rigorous and specific in this DTSP regulation, and its core logic can be summarized in one sentence: As long as you are "in Singapore and your work is overseas," you may trigger licensing obligations, even if you are working from home.

MAS clearly states that any individual providing digital token services (DT services) from a "business location" within Singapore to overseas clients must apply for a DTSP license under Section 137 of the Financial Services and Markets Act. The definition of "business location" is very broad, including not only formal offices but also shared workspaces and even home offices. This means that remote workers are not automatically exempt from regulatory obligations.

However, MAS has established exceptions for a certain group of people—if an individual is employed by a foreign-registered company that only serves foreign users, and their work is part of that employment relationship, such as remote coding or handling operational support tasks, then that employee's work itself is not considered illegal and does not trigger licensing obligations. It is important to note that this exemption only applies to formal "employee" status and not to independent consultants, contractors, or company founders who do not have an employment contract.

Nevertheless, there remains a significant amount of discretionary power in practical operations. For example, MAS has not clearly defined whether "employees" include project founders, shareholders, or co-founders; nor has it clarified whether certain responsibilities can be outsourced without affecting compliance status. Additionally, if remote workers engage in business negotiations, visit clients, or use shared office spaces in Singapore, it is unclear whether these actions could be deemed as conducting DT services in Singapore, thus falling under regulatory scrutiny.

Therefore, for remote workers in Singapore, simply relying on the fact that "work is not in the domestic market" is no longer sufficient for compliance assurance. MAS's position is very clear: as long as an individual is in Singapore and their work involves providing digital token services to overseas clients, they may be deemed to be operating illegally unless they meet the extremely strict exception standards.

5. Stricter Due Diligence Requirements

In the regulatory framework released by MAS, the requirements for customer due diligence (CDD) are highly stringent. MAS requires all individuals or institutions applying for and holding a DTSP license to establish a comprehensive CDD system to address the prevalent risks of money laundering and terrorist financing (ML/TF) in digital token services.

MAS has not set a uniform deadline for completing CDD in the FSM-N27 notice but has clearly stated that it will determine the completion timeline based on the specific circumstances of each applicant at the time of licensing. Assessment factors include the client's risk profile, the complexity of the business model, and the institution's own compliance capabilities.

In the face of potential future CDD revision requirements, MAS will not uniformly stipulate under what circumstances all license holders must update their existing customer information. Instead, MAS requires DTSPs to establish internal assessment mechanisms to determine whether re-due diligence is necessary based on actual business and revision content.

Additionally, MAS emphasizes that when deciding whether to rely on third parties to complete CDD work, DTSPs must conduct thorough due diligence on those third parties. Specifically, institutions should establish internal review processes to assess whether the third party has the capability to fulfill AML/CFT responsibilities. It is important to note that MAS does not allow payment service providers holding licenses from other countries or financial institutions under foreign regulatory oversight to be automatically included in the category of "reliable third parties."

6. Report Within Five Days for Events Like Three Arrows Capital, One Hour for Hacking Events

According to the relevant notices released by MAS, DTSP license holders must comply with two key reporting obligations, which involve reporting suspicious activities/fraud incidents (FSM-N28) and urgent notifications of significant incidents (FSM-N30):

First, the FSM-N28 notice requires that if fraud or suspicious activities are discovered, and the incident has a significant impact on the license holder's security, stability, or reputation (MAS will not uniformly define the "significance" of suspicious activities or fraud incidents; it is up to the company to judge), it must be reported to MAS within five working days. If the incident is still under investigation, the report must indicate the current investigation status, and MAS has the right to request additional information.

Secondly, the FSM-N30 notice stipulates that for significant incidents occurring in technical systems, cybersecurity, data breaches, etc., especially those that may trigger industry chain reactions or public confidence crises, license holders must submit an initial notification within one hour. MAS points out that the purpose of this requirement is to give regulatory authorities time to assess the potential impact of the incident on the entire market.

In summary: the reporting deadline for fraud and suspicious behavior is five working days, while significant cybersecurity incidents must be reported within one hour.

7. Which Licensed Companies Have Nothing to Worry About?

According to information released by the Monetary Authority of Singapore (MAS) as of June 5, 2025, the number of companies that have obtained a Digital Token Service Provider (DTSP) license is extremely limited, mostly consisting of well-known large companies.

Among them, known licensed (including those holding digital currency payment licenses) enterprises include Anchorage Digital Singapore, BitGo Singapore, Blockchain.com (Singapore), Bsquared Technology, Circle Internet Singapore, Coinbase Singapore, DBS Vickers Securities (Singapore), OKX, Paxos, Ripple, as well as well-known institutions like HashKey and GSR.

Additionally, some companies are exempt under the Payment Services Act (PS Act), Securities and Futures Act (SFA), or Financial Advisers Act (FAA), allowing them to provide related services without needing to apply for a DTSP license. Such exemptions typically apply to institutions that are already licensed and regulated in other financial service areas.

8. This Move is for Singapore's "Financial Reputation"

One of the core starting points of these new regulations is the Monetary Authority of Singapore's (MAS) high regard for the country's "financial reputation." MAS has repeatedly emphasized in the response document that due to the strong cross-border nature and internet characteristics of digital token services (DT services), their anonymity and borderless features make them more susceptible to being used for illegal activities such as money laundering, terrorist financing, and fraud. Although many DTSPs do not serve clients within Singapore, once these companies register or operate in Singapore, if something goes wrong, Singapore will inevitably bear the brunt of global public opinion and regulatory repercussions.

Therefore, MAS emphasizes that its regulatory goal is not merely to curb individual illegal activities, but to prevent any potential risks from causing systemic shocks to the reputation of Singapore's financial system. In MAS's view, the greatest risk posed by DTSPs to Singapore is not their direct penetration into the local financial system, but rather that if these institutions are misused, Singapore may be seen as a "jurisdiction of convenience" with lax regulation, severely undermining its credibility and regulatory reputation as a global financial center.

It can be said that this represents a "zero-tolerance" preventive regulatory mindset: it is better to forgo tolerance for high-risk innovations than to sacrifice national reputation. From this perspective, MAS's actions are not only about technical compliance but also a strategic defense of the "regulatory reputation red line."

免责声明：本文章仅代表作者个人观点，不代表本平台的立场和观点。本文章仅供信息分享，不构成对任何人的任何投资建议。用户与作者之间的任何争议，与本平台无关。如网页中刊载的文章或图片涉及侵权，请提供相关的权利证明和身份证明发送邮件到support@aicoin.com，本平台相关工作人员将会进行核查。