post-title Know Your Customer regulations for Singapore companies

Know Your Customer regulations for Singapore companies

Know Your Customer regulations for Singapore companies

Know Your Customer regulations for Singapore companies

Singapore has been improving its regulatory framework for years now, to bring more accountability to the Singapore companies. Accounting and Corporate Regulatory Authority (ACRA) has implemented changes in it, that took effect on 15th May 2015. This Framework includes regulations for Corporate Service Providers (CSPs) that operate functions such as company incorporation and on-going corporate filings for their customers. The main objective of the regulations is to combat money laundering and the financing of terrorism. As a component of the new regulations, CSPs now should register with ACRA as a Filing Agent, and follow provisions of the new Framework.

Inability to follow the regulations can result in penalties and disbarment for the CSP. Money laundering and the financing of terrorism are major concerns for international law enforcement authorities including those in Singapore. There has been expanded global focus on combating these activities by implementing reliable regulations across international jurisdictions. The Financial Action Task Force (FATF) has lead the way in this effort and Singapore has followed its lead.

Enhanced Regulatory Framework for the Singapore Company Incorporation

Every year, service companies assist in the registration of thousands of Singapore companies. In the past, some of these entities were used to launder money. In a bid to prevent the money laundering activities, ACRA has made it mandatory for the service companies to obtain KYC (Know-Your-Customer) from the aspiring entrepreneurs. This has enabled the banks, financial institutions, and other corporate service providers from being party to such activities.


Components of KYC certificate include:

  • Full Name, Identification Proof e.g. passport copy; and Nationality of each of the Directors, shareholders, and the Ultimate Beneficial Owners of the company;
  • A resolution by the company’s board of directors;
  • Copy of Company’s certificate of incorporation;
  • Copy of the company’s business profile; and
  • Copy of the company’s M&AA


The Monetary Authority of Singapore and ACRA insist that the corporate services provider diligently ensure the identity of their customer and then only, proceed with the registration of their companies.


Aim of new regulations

ACRA regulations aim to protect corporate service providers in Singapore from unwittingly facilitating illegal activities of a few “bad” clients. Alongside with the new regulations, ACRA has additionally released a set of guidelines for Corporate Service Providers. These guidelines intend to help CSPs reduce compliance risks by establishing internal policies that will monitor and mitigate these risks.

Any company that provides corporate services for other businesses, e.g. statutory filing or incorporation of new companies, should ensure that it follows the guidelines below and set up internal policies in areas including customer risk assessment and due diligence. You must make sure to be in compliance with these regulations and guidelines if you are hiring a Corporate Service Provider (CSP) to incorporate and administer your Singapore company. Otherwise, if you hire a non-compliant firm, it is likely to be disbarred by ACRA and face penalties; in such situation, all clients of such disbarred firm will face serious disruption to their business due to their association with that CSP.


Why the new KYC Regulations?

The new enhanced framework has been developed by Singapore in accordance with the recommendations of the Financial Action Task Force (FATF). FATF is the premier international organization that coordinates international standards for safeguarding against money laundering and terrorist financing.

The Financial Action Task Force is an inter-governmental body whose objectives are to “set standards and promote effective implementation of legal, regulatory and operational measures for combating money laundering, terrorist financing and other related threats to the integrity of the international financial system”.  FATF has developed a series of recommendations that are the international gold standard for combating of money laundering and the financing of terrorism. FATF monitors the progress of its members in implementing these recommendations and promotes the adoption and implementation of appropriate measures globally with the aim of protecting the international financial system from misuse.

Who is Covered?

The new regulations that took place in 2015 cover Corporate Service Providers. CSPs are firms that provide various corporate services to other businesses (to both local and foreign clients) and file transactions on their behalf with Singapore’s ACRA. Typically, these services include:


  • The incorporation of local companies and registration of foreign companies in Singapore.
  • Provision of Registered Address service for the client company.
  • Acting as company secretary for the client company.
  • Provision of local resident director for the client company.
  • Filing of annual returns with ACRA for the client company.
  • Filing of changes to corporate structure for the client company such as changes in directors, shareholders, share capital, etc.


REGISTRATION AS FILING AGENT (FA) – firms who intend to provide CSP services and carry out filing transactions using ACRA’s electronic system must be registered as Filing Agents (the “FAs”). A registered FA can carry out a transaction with the ACRA only if he acts by or through a registered Qualified Individual (the “QI”). Employees who do not qualify as QIs can carry out transactions with the ACRA under the QIs’ supervision.

In case of a violations of the regulations, the registration of the involved FA or the QI can be terminated; in addition, the FA and QI can face penalties. Furthermore, the Chief Executive of ACRA can reject an application to be a registered FA or a registered QI if the “fit and proper” requirements or any of the other requirements imposed by the Chief Executive are not met by the applicant.


IMPLEMENTATION OF INTERNAL PROCEDURES – The CSP must have policies in place to guard against facilitating money laundering or the financing of terrorism and they should be recorded electronically or on paper, and they should document the steps that will be taken to ensure that the CSP exercises due diligence of clients in its business relationships. The guidelines apply a risk-based approach, in which risk factors for money laundering are identified, and an overall level of risk is determined for each customer. Higher risk customers should be subjected to greater degree of scrutiny in order to mitigate the risks associated with them. ACRA has provided a guide to drafting such internal policies in their guidelines in Annex A. These policies can be used as a template for CSPs to ensure that they meet the requirements of the new framework. The Annex also includes a template for a customer acceptance form which collects the information required for the CSP to perform its due diligence.


ASSESSMENT OF RISK – When a CSP acquires a new customer, the customer must be screened to determine the risk of money laundering; and this screening must be documented. The guidelines give a full listing of risk factors to consider, which include:


  • Customer Factors; such as non-resident customers, an overly complex ownership structure, or businesses which do a lot of their trade in cash.
  • Country or Territory Risk Factors; such as whether the country in which the customer is based is subject to sanctions or embargoes from the UN.
  • Service Risk Factors; for example, business transactions which are not made face-to-face.


The guidelines also specify factors which indicate if the customer is low risk, such as being a public company listed on the stock exchange, and hence being subject to disclosure requirements. Such circumstances imply that the risk of the customer being involved in money laundering is low. After these factors have been considered, then the customer can be designated as either:

  • High risk; in which case full due diligence must be performed, or
  • Low risk; in which case simplified due diligence measures may be used.



Due diligence must be performed on customers in any of the following situations when:

  • a new business relationship is established,
  • the CSP has reason to suspect that the customer may be laundering money, or
  • the CSP has doubts about the authenticity or accuracy of documents used to identify the customer.


To fulfil the requirements of due diligence, customers and agents must be identified, and their identities verified. If the company has a beneficial owner who is someone other than the customer (i.e. an individual who owns the assets and/or has authority over the customer), then the CPS must identify and verify the beneficial owner too. Identification of customers must be performed before a business relationship is established, by collecting and recording information about their customer such as:

  • full name
  • identity card or passport number
  • residential address
  • date of birth
  • nationality

This information must then be verified based on reliable documents and sources.


Once due diligence has been performed and a business relationship with the customer has been established, the CSP must continue to monitor the customer. Transactions passing between the customer and CSP should be inspected to ensure that the transactions (including the source of funds) are in line with known information about the customer and their risk profile. The documents used in this monitoring must be kept up to date, and the risk profile of the business relationship should be reviewed when it is necessary.

While, it is also important to keep records of all due diligence and monitoring information of customers, including risk assessment and screening, sufficient for an audit to be performed on those records, if necessary, e.g. copies of information about the customer’s identity, and all supporting documents. The records should be kept for the duration of the business relationship, and for at least five years from the date of the end of the business relationship. The records can be kept as original documents, as photocopies, on microfiche, or in an electronic format.



By following the ACRA Guidelines and using the template policies and customer acceptance form from the Annex, filing agents can make sure that their businesses are guarding against the facilitation of money laundering or the financing of terrorism. Corporate Service Providers must meet the ACRA requirements under the Enhanced Regulatory Framework.

Leave a Reply

Your email address will not be published.

Start your Journey here