In one article: Comprehensive overview of Singapore's new DTSP policy

Source: Guofeng Law Firm

Authors: Shi Xinmin, Mou Xin

1. Regulatory Framework of the Cryptocurrency Sector in Singapore

(1) Policy timeline

From 2020 to 2022, the DPT license was introduced: The “Payment Services Act” (PS Act) initially established a regulatory framework for Digital Payment Tokens (DPT), creating a licensing system for DPT licenses (Digital Payment Token Service Licenses), attracting institutions such as Coinbase and Anchorage to operate, forming a “locally registered, globally served” model.

In 2022, the Financial Services and Markets Act (FSM Act) came into effect: In 2022, Singapore passed the Financial Services and Markets Bill 2022 (FSM Act), which provides a framework for the regulation of digital token services, defining digital tokens, the scope of regulation for related activities, and laying the foundation for subsequent detailed regulatory measures.

In October 2024, the consultation document focuses on the risks of “shell companies”: On October 4, 2024, MAS published a consultation document regarding Digital Token Service Providers (DTSP), proposing a series of regulatory requirements for digital token enterprises providing services to overseas clients, including the need to obtain a DTSP license, meet obligations such as anti-money laundering and cybersecurity, and provided preliminary explanations on the eligibility criteria for license applications.

On May 30, 2025, the final guidelines were released: On May 30, 2025, MAS published its response to the consultation document mentioned above, confirming that the provisions related to DTSP will officially come into effect on June 30, 2025. It further clarified the details and requirements of the regulation, such as the compliance obligations for licensed institutions and the specific process for license applications, while also emphasizing the penalties that will face those who violate the regulations.

On June 6, 2025, MAS clarified: On June 6, 2025, MAS issued a further clarification:

(1) From June 30, 2025, DTSPs providing digital payment token and capital markets product token related services 【only to users outside of Singapore】 will be required to obtain a license.

(2) Providers offering digital payment tokens or capital market product tokens to users within Singapore are regulated under the PS Act, Securities and Futures Act (SFA), and Financial Advisers Act (FAA), and the scope of business that licensed providers can conduct remains unchanged. These providers offering services to users within Singapore may also provide services to users outside of Singapore.

Source: Monetary Authority of Singapore

(2) The Background of the Introduction of the DTSP New Policy

In the past, Singapore was regarded by many in the cryptocurrency industry as an ideal location for setting up companies, and its status as an international financial center, along with its policies that encourage innovation, were also favored by cryptocurrency companies registered in Singapore and operating globally.

However, times have changed! International regulators, such as the Financial Action Task Force on Money Laundering (FATF)), require Singapore to implement stricter regulatory standards for the crypto industry to prevent “regulatory arbitrage”; The previous thunderstorms of crypto companies have also made the Singapore authorities worry that if the company is registered in Singapore and engages in high-risk business around the world, once it goes bankrupt/runs away, Singapore, as the company’s registered place, may bear pressure from around the world. Therefore, MAS clearly points out in the new regulation guidelines that a large number of companies registered in Singapore and providing digital token services to overseas users have seriously affected Singapore’s international financial reputation, and the new DTSP regulations are aimed at these crypto industry practitioners who are “based in Singapore and serving the world”. The FSM Act makes it clear that without a DTSP license, a business is not allowed to provide any “digital token services” outside Singapore through a “place of business” in Singapore.

Source: Monetary Authority of Singapore

2. The difference between DTSP and DPT licenses

2.1

Currently, the two most important licenses in Singapore for the crypto space are the DPT license (based on the Payment Services Act (PS Act)) and the DTSP license. Many people think that the DTSP license is just an upgraded version of the DPT license, but the regulatory scope is larger and the regulatory requirements are stricter, but in fact, it is completely different. There is a big difference between a DTSP license and a DPT license, which is mainly reflected in:

Overall, the DTSP license regulates enterprises that provide “external services,” with a broader regulatory scope and higher compliance requirements compared to the DPT license. Under the strict new policies of DTSP, apart from a few truly compliant and innovative companies that can remain in Singapore, most shell crypto companies without local operations must cease their business or relocate their entities out of Singapore by June 30, 2025, effectively being forced to exit.

2.2

DTSP license applicants need to prove to MAS that they have no intention of serving Singapore users: Since the purpose of the DTSP New Deal is to combat the “regulatory arbitrage” model of “Singapore Registered, Serving the World”, the DTSP New Deal clearly stipulates that DTSP license applicants need to prove to MAS that they “do not intend to carry on a business of providing digital token services in.” Singapore despite operating in or being formed or incorporated in Singapore".

Source: Monetary Authority of Singapore

How to prove that services are not intended for Singapore users: Applicants need to submit a business plan, which includes but is not limited to:

(i) Evidence of obtaining operational licenses for actual business activities and compliance with standards set by international organizations (such as FATF);

(ii) Overview of target customers, products, and services;

(iii) Reasons for not providing digital token services in Singapore and the need to register or operate in Singapore;

(iv) Assessment of the nature of the token (e.g., identification as a security token or a payment token);

(v) Capital flow situation;

(vi) A detailed and comprehensive analysis of how regulated digital token services apply to each proposed service/product (which may include access restriction measures taken for Singapore users, such as IP address blocking, KYC verification, and operational isolation arrangements undertaken by applicants, etc.).

3. Regulatory Focus of the New DTSP Policy

(1) License Requirements

Under Section 137 of the FSM Act, any person or company engaged in digital token services in Singapore, unless exempted, must hold a licensed license. The digital token services here include various types, such as digital token trading services, services that facilitate the exchange of digital tokens, transfer services between digital token accounts, etc.

(2) No transitional period

MAS will not provide transitional arrangements for DTSPs; operating without a license is considered illegal and may result in fines, revocation of registration, or even criminal liability. MAS only offers a four-week initial preparation period for DTSPs and refuses to provide any transition period or temporary exemption. Unlicensed entities must cease all related services by June 30, 2025.

(3) The scope of supervision is extensive

The definition of digital token services by MAS covers a wide range, including not only common services such as trading and transferring, but also services related to the sale or offering of digital tokens, such as providing advice related to digital tokens and publishing or disseminating research analyses, research reports, etc. According to the regulatory scope table published by MAS, the following activities fall under the regulatory scope of DTSP licensing:

(4) Compliance obligations are strict

DTSP licensed institutions must meet a series of stringent regulatory standards, including but not limited to anti-money laundering and counter-terrorism financing, cybersecurity requirements, technical risk management, segregation of client funds, auditing and reporting, etc. For example, in terms of anti-money laundering, measures such as KYC, customer risk assessment, transaction monitoring, and suspicious transaction reporting need to be implemented. In terms of network security requirements, it is necessary to strengthen system protection, data encryption, disaster recovery system, security audit report, etc.

(5) Restrictions on licensed institutions

MAS has imposed restrictions on the operational activities of licensed digital token service providers, including prohibiting the provision of actual payment or transmission of digital payment tokens to Singapore users without reasonable grounds; when providing digital token services, providers must not knowingly or have reason to suspect that a customer or a person acting on behalf of the customer is engaging in certain specific activities, among others.

4. DTSP New Policy Grey Areas

(1) Identification of Business Premises

The new regulations clarify that individuals or companies with a place of business in Singapore (any place used to carry on business) must obtain a DTSP license if they engage in activities involving digital tokens. On this basis, if employees conduct business in shared office spaces or at associated companies’ locations overseas, they are more likely to be considered as working in a “place of business.”

(2) Boundaries of Commercial Behavior

There is ambiguity in the boundaries of “business activities”, for example, whether the founders and shareholding employees may be identified as “employees” and thus be recognized as engaging in “business activities” and are carried out in the “business premises” and need to obtain a DTSP license, which is determined by MAS on a case-by-case basis. At the same time, Category 10 of the Schedule to the FSM Act includes “providing token investment advice through publications and research reports” into the regulation, but the MAS does not clearly distinguish between academic analysis and marketing content, and there is feedback that the scope of regulatory licenses of the FSM Act, PS Act, SFA and FAA does not overlap, and entities that provide advice related to digital payment tokens are not currently covered by the latter three, but are subject to the supervision of the FSM Act.

(3) AML/CFT Requirements

MAS requires licensees to re-conduct customer due diligence (“CDD”) on existing customers after obtaining a DPST license, and must not rely on overseas third-party payment service providers to complete the CDD process, but can rely on strictly regulated financial institutions such as banks. For value transfer requirements, transaction information (e.g. originator/beneficiary identity, token type) needs to be kept in order to comply with FATF standards. In response to feedback that if there is a need to set a maximum time limit for re-enforcing a CDD, it may be necessary for the MAS to grant a longer period of time for some institutions to conduct CDDs on a large number of existing clients, and for this reason, the MAS has not set a time limit for the CDD for the time being, and has indicated that it will determine the timeline at the time of licensing on a case-by-case basis (e.g., the institution’s client risk profile, etc.).

(4) The capabilities and qualifications of relevant personnel

There is currently no specific regulatory guideline, and the MAS tends to make case-by-case judgments, stating that they may publish a FAQ on this matter later.

(5) Technical Risk Management

MAS originally required licensed entities to submit event report details to MAS within a short period of time (within 1 hour) after a technical risk event occurred. However, a significant amount of feedback indicated that this time limit was too short and overly challenging for most institutions. Ultimately, MAS made a concession in this response, stating that entities need only submit a preliminary notification within 1 hour of the related event occurring, and then supplement the details of the relevant technical event as required by MAS thereafter.

(6) Disclosure Requirements

Despite some feedback suggesting that suspicious activities and fraud incidents should be reported on a monthly basis, MAS still insists that licensees submit reports in a timely manner. Furthermore, if the relevant incident is still under investigation, licensees are required to indicate the status of the investigation in their reports. MAS may contact licensees for more information.

(7) Minimum Capital Requirements

There have been feedback suggestions that the 250,000 SGD requirement may be too high for startups and small to medium-sized enterprises, becoming a barrier to their entry into the Singapore market. Therefore, several solutions were proposed, such as halving the capital requirement for startups in their first year (125,000 SGD) and implementing a tiered fee structure based on trading volume (for example, reducing annual fees if trading volume does not meet the threshold). However, the MAS believes that a key purpose of setting financial metrics is to ensure that licensed entities maintain a substantive presence in Singapore, and therefore the minimum standard of 250,000 SGD has not been lowered.

5. DTSP License Application Requirements

Due to the internet-based and cross-border characteristics of DTSP-related services, there is a risk of money laundering and terrorist financing (“ML/TF”), which may increase the risk of such service providers being used for or misused for illegal purposes, thereby harming Singapore’s reputation. In light of these risks, MAS advocates for a prudent and cautious approach, considering the issuance of DTSP licenses to applicants only in very limited circumstances. Such limited circumstances include:

(1) The applicant’s business model is economically meaningful and can demonstrate to MAS that, despite operating, establishing, or registering in Singapore, there is a legitimate reason not to intend to conduct digital token services in Singapore, to which MAS must be satisfied.

(2) The applicant’s business practices have not raised concerns for MAS and have accepted MAS’s regulation and supervision to comply with relevant internationally agreed standards, such as those established by the Financial Stability Board, the International Organization of Securities Commissions, and FATF, including all relevant standards set by regulatory agencies in the jurisdictions where the digital token business is actually conducted. For example, the applicant should be able to demonstrate that the proposed digital token business complies with the relevant internationally agreed standards.

(3) The applicant’s business structure, such as the ability of the applicant to fulfill regulatory obligations, has not raised any concerns for MAS; and

(4) Any other criteria that MAS determines may be relevant to the application (or applicant).

6. The Industry Impact of the New DTSP Policy

(1) Changes in the Regulatory Environment and Industry Ecosystem

Regulatory environment tightening: Singapore has attracted a large number of Web3 entrepreneurs and companies with its open and innovative regulatory environment. The implementation of new regulations marks a shift in its regulatory attitude from a relatively lenient and innovation-encouraging stance in the past to a more cautious and strict one today. This undoubtedly brings pressure for business adjustments to practitioners in the Web3 industry and also makes the entire industry’s regulatory environment more inclined towards compliance.

Industry Ecosystem Restructuring: As small businesses or non-compliant operations that do not meet regulatory requirements are forced out of the market, the ecosystem of the Web3 industry will be reshaped. Large enterprises with strong financial strength and technical capabilities that can meet strict regulatory requirements will have greater advantages, potentially increasing industry concentration further, while some small innovative companies may face survival challenges.

Impact on Innovation in the Web3 Industry: Strict regulatory requirements may pose certain challenges to the innovation drive in the Web3 industry. Some small innovative companies may face limitations in innovation due to a lack of sufficient resources and capabilities to meet regulatory demands, while large enterprises may also approach the expansion of innovative businesses more cautiously under compliance pressure. In terms of innovation direction, companies and developers may focus more on innovation within the compliance framework, exploring how to develop safer, more reliable, and efficient digital asset-related products and services while meeting regulatory requirements. This includes strengthening the application of blockchain technology in the compliance field, developing better risk management and monitoring tools, etc., to adapt to the new regulatory environment.

(2) The impact on various fields of Web3

Centralized cryptocurrency exchanges (CEX): For CEXs that have not obtained a DTSP license or a DPT license, the new DTSP policy undoubtedly raises the entry threshold for the industry, forcing such CEXs to no longer “Base in Singapore, serve globally”; they must either change their approach or strengthen compliance efforts, investing more costs.

Decentralized finance (DeFi) :D eFi platforms often emphasize decentralization and permissionlessness, and many DeFi projects may be restricted due to their inability to meet licensing requirements. Some decentralized lending and trading protocols, if they involve Singapore users or have related business activities in Singapore, may need to re-examine their business models to ensure compliance, which may inhibit the innovation and iteration of the DeFi industry.

7. Compliance Guidelines:

Embracing Regulation and Strategic Game Theory

For project parties that are currently operating in Singapore: first, they may face the risk of immediate shutdown: terminate all operations in Singapore before June 30, 2025 or apply for a license with a low success rate (meet the requirements of preparing legal opinions, capital certificates, penetration test reports, etc.); Secondly, the project party can consider entity restructuring, entity re-domiciliation, and business isolation to reduce compliance risks.

For investors in the Web3 sector: it is necessary to consider adding relevant clauses in the transaction documents and to initiate discussions with the project party about the restructuring plan as soon as possible.

VIII. Conclusion

The essence of this new policy is Singapore’s zero tolerance for “financial reputational risks”. When “shell companies” can be reduced to money laundering vehicles, MAS chooses to cut the risk with the strictest standards. The real winners fall into two categories: the licensed giants, and the long-termists who replace the fluke mentality with compliance predictions. While the implementation of the new regulations may cause it to lose some of its advantages as a Web3 hub in the short term, and some companies may shift their focus to other regions with a less stringent regulatory environment, in the long run, Singapore’s strict regulations will also help improve the stability of its financial markets and its international reputation, laying the foundation for the sustainable development of the Web3 industry. We have also recently discussed with our ecosystem partners that some companies that originally planned to do business in Singapore may re-evaluate their strategies and choose to invest and deploy in other regions with more regulatory advantages. The core of compliance is to interpret the regulatory logic, short-term countermeasures can only buy a time window, and long-term survival needs to build real compliance capabilities. After all, when the tide goes out, only those who wear compliant life jackets can swim to the next oasis.

View references

[1] 2019

[2]

[3]

[4]