I INTRODUCTION TO THE LEGAL AND REGULATORY FRAMEWORK
While there is a wide variety of cryptocurrencies and digital tokens with differing characteristics, most cryptocurrencies are a cryptographically secured representation of a token holder's rights to receive a benefit or to perform specified functions. However, from a legal perspective, it is critical to distinguish between these digital tokens, as the offering of different types of digital tokens may trigger different regulatory considerations. At last count, there appear to be broadly four categories of digital tokens: digital payment tokens, security tokens, utility tokens and asset-backed tokens.
i Digital payment tokens
On 21 November 2017, the Monetary Authority of Singapore (MAS) launched a second consultation on its proposed payments regulatory framework. Specifically, MAS issued its Consultation Paper on the Proposed Payment Services Bill. The Payment Services Bill (the Bill) was intended to streamline the regulation of payment services under a single piece of legislation, expand the scope of regulated payment activities to include digital payment token services and other innovations, and calibrate regulation according to the risks posed by these activities. The Bill was passed by Parliament on 14 January 2019 and became the Payment Services Act 2019 (the PS Act). The PS Act is expected to come into force once the regulations supporting the PS Act have been consulted on and finalised.
Under the PS Act, a digital payment token is defined to mean 'any digital representation of value that (1) is expressed as a unit (2) is not denominated in any fiat currency and is not pegged by its issuer to any fiat currency (3) is or is intended to be accepted by the public or a section of the public as a medium of exchange, to pay for goods or services, or discharge a debt (4) can be transferred, stored or traded electronically and (5) satisfies any other characteristic that MAS may prescribe'. Bitcoin and Ether are examples of digital payment tokens.
Digital payment tokens are not currently regulated, as they are not considered securities or currency.2 MAS has now proposed that where someone deals in digital payment tokens, that person could potentially be construed as providing a digital payment token service under the PS Act, triggering licensing requirements.
ii Security tokens
On 1 August 2017, MAS released the following statement:3
the offer or issue of digital tokens in Singapore will be regulated by MAS if the digital tokens constitute products regulated under the Securities and Futures Act [Chapter 289] (SFA) . . . MAS has observed that the function of digital tokens has evolved beyond just being a virtual currency. For example, digital tokens may represent ownership or a security interest over an issuer's assets or property. Such tokens may therefore be considered an offer of shares or units in a collective investment scheme under the SFA. Digital tokens may also represent a debt owed by an issuer and be considered a debenture under the SFA.
The Securities and Futures Act4 is the primary piece of legislation that governs securities and investment in Singapore. Where digital tokens are construed as securities under the SFA, such digital tokens would be subject to the various requirements of the SFA. Most commonly, these include licensing requirements for the regulated activity of dealing in capital markets products (the definition of which includes securities) and prospectus registration requirements for offering securities or securities-based derivatives contracts to persons in Singapore.
The term capital markets products includes any securities, units in a collective investment scheme and derivatives contracts. The term securities, in turn, includes shares, units in a business trust or any instrument conferring or representing a legal or beneficial ownership interest in a corporation, partnership or limited liability partnership and debentures (i.e., bonds or notes). The term securities-based derivatives contracts means any derivatives contract of which the underlying thing or any of the underlying things is a security or a securities index, but does not include certain derivatives contracts prescribed by regulations.
There is a risk that a digital token falling within the described instruments above would be a capital markets product, and for the purposes of this chapter will be referred to as a security token. However, it would be prudent to go further and say that if a digital token displays characteristics that the various financial products that form the definition of capital markets products are typically associated with, there is a risk that they may be construed as a security token and trigger licensing requirements for dealing in capital markets products and prospectus registration requirements under the SFA. This is discussed in further detail in Section II.
iii Utility tokens
Utility tokens typically arise in the context of an initial token offering or an initial coin offering (ICO). At a basic level, an issuer offers digital tokens to participants through blockchain and cryptocurrency technology. Participants typically transfer digital payment tokens (such as Bitcoin or Ether) to the issuer in exchange for digital tokens at a predetermined exchange rate. The digital tokens issued are often designed to be usable to pay for the products or services of the issuer (or its related corporation).
Conceptually, such an ICO is different from an initial public offering (IPO) in that in an IPO, funds are raised by an issuer through the issuance of its shares to investors. In an ICO, digital tokens are issued to the consumers of the products and services provided by the issuer (or its related corporation). In a sense, the focus of a participant in an ICO may be on the quality of the products and services provided by the issuer (or its related corporation), while for an IPO, the focus of an investor may be on the quality of the products and services provided by the issuer and how that translates to the overall future value of the company (i.e., the share value of the company).
Digital tokens may also have other rights attached to them. In many jurisdictions, there are financial regulatory concerns surrounding ICOs, generally revolving around the proper legal categorisation of the digital tokens issued pursuant to an ICO. The issue is likely to be determined based on whether such digital tokens are effectively capital markets products (or their equivalent in each jurisdiction), and the follow-on applicability of prospectus registration and financial regulatory licensing laws. From a policy perspective, such laws are generally geared towards protecting consumers by ensuring that they are provided with a prescribed level of information on the offering to enable them to better understand their purchase. In addition, such laws seek to ensure that the entity that deals in such capital markets products keeps to a prescribed level of operating standards, both in relation to its internal operations and its dealings with customers and clients. Where digital tokens are taken not to be capital markets products, consumers may end up bereft of the protections afforded by such laws.
Notwithstanding the above, it is by no means clear how a digital token will be categorised in different jurisdictions.
When dealing with utility tokens, a fundamental consideration is often to ensure that the utility tokens are not characterised as capital markets products and do not display such characteristics (i.e., the tokens are not security tokens). As mentioned above, dealing in capital markets products or offering security tokens may trigger both licensing and prospectus requirements, and it is often the case that such requirements run counter to the considerations underpinning an ICO. It is also advisable to ensure that the underlying product or service that the utility token holder is able to access is not in itself regulated.
iv Asset-backed tokens
One of the benefits of blockchain technology is the ability to tokenise virtually any asset. The technology allows ownership of an asset to be shared between multiple persons, and bought and sold across national boundaries with ease. However, the broad scope of the assets that can be the subject of tokenisation also brings about a broad range of legal considerations, depending on the specific asset that is tokenised and the rights attached to each token.
One commonly tokenised asset belongs to the category of precious metals. In effect, what typically transpires is that the issuer of a token (or a related corporation) has a store of precious metal and wishes to provide the general public with the ability to gain exposure to the price of the precious metal. It may be the case that tokenisation of the ownership in the precious metal allows for each token to be priced in such a manner that the average person can afford to purchase ownership in the precious metal (via ownership of the token). This is possible as there is no limit on the number of tokens that can be representative of a specific amount of precious metal. There is also the added advantage of the token holder being able to transact in the tokens online, without having to deal with the physical aspects of the precious metal but with the ability to withdraw the actual precious metal at any time.
Where advising on tokens that represent ownership in precious metals, consideration should be given to whether this triggers any regulatory implications. By way of example, the buying and selling of tokens may be construed as undertaking spot commodity trading under the Commodity Trading Act (CTA).5 The CTA defines a spot commodity broker as 'a person whether as principal or agent who carries on the business of soliciting or accepting orders, for the purchase or sale of any commodity by way of spot commodity trading, whether or not the business is part of, or is carried on in conjunction with, any other business'. Spot commodity trading is in turn defined as 'the purchase or sale of a commodity at its current market or spot price, where it is intended that such transaction results in the physical delivery of the commodity'.
Another common business model for such category of digital tokens relates to the tokenisation of real estate. One example is where an issuer collects monies (fiat) from purchasers of a token, and with such monies purchases real estate. Each token represents beneficial interests in a trust that holds the real estate (and rights to some form of return on the real estate). There is a manager that manages the real estate with a view to generating a return for the token holders. Depending on the exact scope of the business model, there may be a number of regulatory issues that are triggered under such a scheme. It is possible that such an arrangement may be considered a collective investment scheme under the SFA, and the offering of the tokens may be seen as the regulated activity of dealing in capital markets products under the SFA. Again, depending on the exact business model, it is possible that the manager may be construed to be providing fund management services under the SFA, thus triggering licensing requirements therefor, unless exempt. A unit in a collective investment scheme falls under the definition of a capital markets product under the SFA.
II SECURITIES AND INVESTMENT LAWS
As mentioned in Section I.ii, dealing in or offering security tokens may trigger both licensing and prospectus requirements under the SFA. Apart from such concerns, issuers and distributors of security tokens who advise or promulgate research analyses and reports could be subject to the licensing requirements of the Financial Advisers Act (FAA).6
In addition, operators of platforms or exchanges that facilitate secondary trading of these security tokens that are or have characteristics of derivatives contracts, securities or units in collective investment schemes would need to be approved or recognised by MAS as an approved exchange or recognised market operator, respectively, under the SFA.
An important point to note is that the SFA and the FAA have extraterritorial application. Under the SFA, where acts are carried out partly in and partly outside Singapore, they would be treated as being committed wholly in Singapore, and where an act is carried out wholly outside Singapore, it would be treated as being carried on in Singapore if it has a substantial and reasonably foreseeable effect in Singapore.7 Under the FAA, a person will be deemed to be acting as a financial adviser in Singapore if he or she engages in any activity or conduct that is intended to or likely to induce the public in Singapore or any section thereof to use any financial advisory service provided by the person, whether or not the activity or conduct is intended to or likely to have that effect outside Singapore.8
III BANKING AND MONEY TRANSMISSION
Banking is regulated at a national level by MAS (as part of its regulation of conventional banks), and MAS also imposes data and transactional security requirements on the financial institutions it regulates.
Commercial banks are regulated under the Banking Act.9 They may undertake universal banking. Besides commercial banking, which includes deposit taking, the provision of cheque services and lending, banks may also carry out any other businesses that are regulated or authorised by MAS, including financial advisory services, insurance broking and capital market services.
Merchant banks are approved under the Monetary Authority of Singapore Act10 and their operations are governed by the Merchant Bank Directives. On 21 May 2019 MAS released a consultation11 proposing to consolidate the regulation and licensing of merchant banks under the Banking Act. Their Asian Currency Unit operations are also subjected to the Banking Act. Merchant banks operate within the Guidelines for Operation of Merchant Banks. Their typical activities include corporate finance, underwriting of share and bond issues, mergers and acquisitions, portfolio investment management, management consultancy and other fee-based activities. Most merchant banks have, with MAS' approval, established Asian Currency Units to transact in the Asian dollar market.
The specific type of regulations that a digital bank will trigger will generally depend on the types of activities that it undertakes, and which of the categories set out above the digital bank falls within.
It was reported in May 2019 that MAS was considering whether to allow digital-only banking licenses, which would permit financial technology firms to operate digital-only banks without needing a traditional bank at its core.
ii Money transmission
There is a licensing requirement under the Money-changing and Remittance Businesses Act (MRBA)12 for the carrying on of remittance business. Remittance business is defined in the MRBA to mean 'the business of accepting monies for the purpose of transmitting them to persons resident in another country or a territory outside Singapore'.13 Section 2(2)(b) of the MRBA provides that a person is deemed to be carrying on remittance business if he or she offers to transmit money on behalf of any person to another person resident in another country. Persons who facilitate the transmission of digital tokens or fiat should consider whether such transmission would trigger licensing requirements for operating a remittance business.
Notwithstanding the current requirements under the MRBA, under the PS Act, the regulatory requirements relating to the transmission of monies will be expanded, as can be seen from the expanded scope of the regulated activity of 'cross-border money transfer service' and the new regulated activity of 'domestic money transfer service'. As such, where proposing to transfer fiat or digital tokens representing fiat, a person should be mindful of the regulatory requirements under the PS Act.
Under the PS Act, money is defined to include currency and e-money but does not include any digital payment token and any excluded digital representation of value. The PS Act clearly distinguishes between e-money and digital payment tokens. A 'digital payment token' is defined to mean 'any digital representation of value that (1) is expressed as a unit (2) is not denominated in any fiat currency and is not pegged by its issuer to any fiat currency (3) is or is intended to be accepted by the public or a section of the public as a medium of exchange, to pay for goods or services, or discharge a debt (4) can be transferred, stored or traded electronically and (5) satisfies any other characteristic that MAS may prescribe'. By contrast, e-money is defined to mean:
electronically stored monetary value that (1) is denominated in any currency, or pegged by its issuer to any currency (2) has been paid for in advance to enable the making of payment transactions through the use of a payment account (3) is accepted by a person other than its issuer and (4) represents a claim on its issuer.
The definition in the PS Act is useful from a conceptual standpoint, as it provides a clean framework to separate digital payment tokens and e-money.
Different regulated activities may be triggered depending on whether e-money or a digital payment token is being handled. Dealing in digital payment tokens could potentially be construed as providing a digital payment token service under the PS Act, thus triggering licensing requirements therefor. Separately, where e-money issuance is undertaken, or someone is construed to be providing account issuance services, providing domestic money transfer services, providing cross-border money transfer services or providing merchant acquisition services in relation to e-money, licensing requirements could be triggered for these activities under the PS Act.
IV ANTI-MONEY LAUNDERING
Financial institutions operating in Singapore are required to put in place robust controls to detect and deter the flow of illicit funds through Singapore's financial system. Such controls include the need for financial institutions to identify and know their customers (including beneficial owners), conduct regular account reviews, and monitor and report any suspicious transaction. The requirements on financial institutions are set out in MAS Notices on the Prevention of Money Laundering and Countering the Financing of Terrorism (the AML/CFT Notices).
Financial institutions are encouraged to refer to guidance papers for good practices for combating money laundering and terrorism financing, and AML/CFT announcements for information on high-risk jurisdictions, as well as other news.
Such AML/CFT requirements are imposed generally on financial institutions operating in Singapore and are typically independent of whether digital tokens are involved in a transaction. Having said that, the presence of digital tokens may mean that financial institutions will need to conduct additional AML/CFT procedures owing to the anonymous nature of digital tokens.
The AML/CFT risk posed by digital tokens is well recognised in Singapore. In his reply to a parliamentary question on banning the trading of Bitcoin or cryptocurrency, Tharman Shanmugaratnam, the Deputy Prime Minister and the Minister in charge of MAS, observed: '[w]hen it comes to money laundering or terrorism financing, Singapore's laws do not make any distinction between transactions effected using fiat currency, virtual currency or other novel ways of transmitting value. Hence, MAS' AML/CFT requirements apply to all activities of financial institutions, whether conducted in fiat or virtual currencies'.14 In his reply to a parliamentary question on AML/CFT enforcement on virtual currency transactions, he noted: '[t]here is a clear risk of money laundering . . . [c]ryptocurrency transactions are anonymous. Given also the decentralised systems behind cryptocurrency payments, and the speed at which they can be performed, they can be used to conceal the illicit movement of funds.'15
ii Future specific AML/CFT laws
The PS Act will broaden the current scope of MAS' regulatory purview by requiring intermediaries that buy, sell or exchange digital payment tokens to specifically address money laundering and terrorism financing risks.16 On 6 June 2019, MAS issued the Consultation Paper on the Proposed Payment Services Notices on Prevention of Money Laundering and Countering the Financing of Terrorism (the AML Consultation).17 MAS has stated in the AML Consultation that all transactions under digital payment token services are considered to carry higher inherent money laundering and terrorism financing risks due to the anonymity, speed and cross-border nature of digital payment token transactions. It is proposed that AML/CFT requirements be introduced on licensees under the PS Act who provide digital payment token services that deal in or facilitate the exchange of digital payment tokens for real currencies where:
- dealing in digital payment tokens includes the buying and selling of digital payment tokens – this will typically involve the exchange of digital payment tokens (such as Bitcoin or Ether) for any fiat currency or another digital payment token (such as a Bitcoin for Ether transaction); and
- facilitating the exchange of digital payment tokens means establishing or operating a digital payment token exchange that allows the buying or selling of any digital payment token in exchange for any fiat currency or another digital payment token (whether of the same or a different type).
MAS also indicated in the AML Consultation that to fully align with the Financial Action Task Force Standards, it intends to amend the PS Act and issue further AML/CFT Notices at a later stage. The consultation on further amendments is expected to take place at the end of 2020.
V REGULATION OF EXCHANGES
The SFA provides that no person shall establish or operate an organised market (including a securities market), or hold him or herself out as operating an organised market, unless such person is an approved exchange or a recognised market operator. Operators of platforms or exchanges that facilitate secondary trading of security tokens that are or have characteristics of derivatives contracts, securities or units in collective investment schemes would need to be approved or recognised by MAS as an approved exchange or recognised market operator, respectively.
Digital payment token exchanges will be regulated under the PS Act as providing a digital payment token service that includes facilitating the exchange of digital payment tokens. This would be the case even where such digital payment tokens are not deemed to be capital markets products (i.e., not security tokens) within the meaning of the SFA but otherwise fall within the definition of digital payment tokens under the PS Act. Digital payment token exchanges will be required to apply for a licence to operate in Singapore.
VI REGULATION OF MINERS
Whether the mining of digital payment tokens will trigger licensing or regulatory requirements will depend on the exact scope of the mining arrangement. It is possible that if a company offers a service where it rents out mining machines, runs and maintains a collective mining pool that the mining machines are connected to, maintains the mining machines, pools returns from the mining operations and distributes such returns to the miners, this could potentially be construed as operating a collective investment scheme, and relevant regulatory implications will need to be considered.
VII REGULATION OF ISSUERS AND SPONSORS
Generally, issuers and sponsors of digital payment tokens (such as Bitcoin and Ether) are not regulated in Singapore, unless the digital payment token exhibits characteristics of capital markets products or is a tokenised asset. Once the PS Act comes into force, issuers and sponsors of digital payment tokens may trigger licensing requirements for providing digital payment token services, depending on the exact service that is being contemplated.
Utility tokens are typically meant to represent a presale of a product or service to be provided by the issuer (or its related corporation), and such utility tokens are issued to the consumers of such products or services. In this regard, depending on whether the underlying products or services that utility tokens can be exchanged for trigger licensing or regulatory requirements, issuers of utility tokens may accordingly be subject to regulation.
VIII CRIMINAL AND CIVIL FRAUD AND ENFORCEMENT
It is expected that every jurisdiction (Singapore included) will face issues pertaining to the bringing and the enforcement of actions relating to digital payment token trading. The two biggest issues arise with respect to identification of the counterparty (in a civil action) or perpetrator of the fraud (in a criminal action). If the counterparty or perpetrator can be identified and located, the second issue concerns bringing an action against that person and enforcing a judgment against that person.
Given the cross-border nature of the internet and digital payment token transactions, fraud can be perpetrated from virtually any location relating to persons in any other location: after all, anonymity is one of the greatest hallmarks of digital payment token systems and blockchain technology. This is coupled with the ease of concealing one's identity on the internet. In such situations, the challenges lie in being able to identify and locate, and subsequently bring and enforce legal action against, that person, whether locally or in a foreign jurisdiction. At present, there may be methods of identifying and locating such persons, but it is expected that a concerted effort and a large amount of resources would need to be expended to mount any successful attempt at doing so. In the case of civil proceedings, a claimant is unlikely to have the expertise or resources to be able to do so. In the case of criminal proceedings, it is likely that the scale of the fraud (and possibly other factors) would determine whether expending the amount of resources to identify, locate and bring an action against a perpetrator is justifiable.
There is no capital gains tax or inheritance tax in Singapore. The corporate income tax rate is 17 per cent for companies, while goods and services tax (GST) is currently charged at a rate of 7 per cent. There remains some residual uncertainty as to how taxes will be applied to certain digital token offerings. By way of example, in the context of an initial token offering, it is unclear how corporate tax and GST will be applied to the sale of the utility tokens pursuant to the offering.
X OTHER ISSUES
Based on publicly available reports18 and discussions with industry players, it is understood that certain fintech companies (e.g., cryptocurrency exchanges) and companies that have conducted offerings of utility tokens have had difficulties in opening or maintaining bank accounts in Singapore. A number of banks in Singapore have either refused to allow such persons to open a bank account or have otherwise closed existing bank accounts. We believe that the reason for this probably comes down to concerns relating to AML/CFT requirements.
XI LOOKING AHEAD
As discussed in Section I.i, the PS Act will streamline the regulation of payment services under a single piece of legislation, expand the scope of regulated payment activities to include digital payment token services and other innovations, and calibrate regulation according to the risks posed by these activities.
When the PS Act comes into force, payment firms will only need to hold one licence under a single regulatory framework to conduct any or all of the specified payment activities. Only payment activities where payment firms face customers or merchants, process funds or acquire transactions, and pose relevant regulatory concerns will need to be licensed. The new framework will expand the scope of regulation to include domestic money transfers (e.g., transferring money through payment kiosks), merchant acquisitions (e.g., acquiring transactions through a point-of-sale terminal or online payment gateway), and the purchase and sale of digital payment tokens.
To help ensure that the expanded scope of regulation is not onerous, the PS Act will differentiate regulatory requirements according to the risks that specific payment activities pose rather than apply a uniform set of regulations on all payment service providers. This can be seen from the calibrated approach that MAS has taken in the AML Consultation.
The PS Act will empower MAS to regulate payment services for money laundering and terrorism financing risks, strengthen safeguards for funds belonging to consumers and merchants, set standards on technology risk management, and enhance the interoperability of payment solutions across a wider range of payment activities.
1 Adrian Ang and Alexander Yap are partners, and Anil Shergill and Samuel Kwek are senior associates, at Allen & Gledhill LLP.
4 Securities and Futures Act (SFA), Chapter 289 of Singapore.
5 Commodity Trading Act, Chapter 48A of Singapore.
6 Financial Advisers Act, Chapter 110 of Singapore.
7 Section 339 of the SFA.
8 Section 6(2) of the FAA.
9 Banking Act, Chapter 19 of Singapore.
10 Monetary Authority of Singapore Act, Chapter 186 of Singapore.
11 The consultation can be accessed at: https://www.mas.gov.sg/publications/consultations/2019/consultation-paper-on-regulating-merchant-banks-under-the-banking-act
12 Money-changing and Remittance Businesses Act, Chapter 187 of Singapore.
13 Section 2(1) of the MRBA.
14 Reply to Parliamentary Question on AML/CFT enforcement on virtual currency transactions, available at https://www.mas.gov.sg/news/parliamentary-replies/2018/reply-to-parliamentary-question-on-amlcft-enforcement-on-virtual-currency-transactions
15 Reply to Parliamentary Question on banning the trading of bitcoin currency or cryptocurrency, available at https://www.mas.gov.sg/news/parliamentary-replies/2018/reply-to-parliamentary-question-on-banning-the-trading-of-bitcoin-currency-or-cryptocurrency
16 Crypto Tokens: The Good, The Bad, and The Ugly: Speech by Mr Ravi Menon, Managing Director, MAS, at Money20/20, 15 March 2018, available at https://www.mas.gov.sg/news/speeches/2018/crypto-tokens-the-good-the-bad-and-the-ugly