Singapore
Financial Sector Assessment Program; Detailed Assessment Of Observance-CPSS-IOSCO Principles for Financial Market Infrastructures

This Detailed Assessment of Observance on the Committee on Payment and Settlement Systems-International Organization of Securities Commissions Principles for Financial Market Infrastructures on Singapore discusses that the Monetary Authority of Singapore (MAS) has taken important steps to address the recommendations made for capital market financial market infrastructures (FMIs). MAS has led efforts to develop international guidance on the cyber resilience for FMIs and moved swiftly to strengthen Singapore’s governance and resiliency of the payment system. The assessment of New MAS Electronic Payment and Book-Entry System (MEPS+) finds that most of the principles are observed, however, also identifies opportunities for further improvement relative to international best practices. One of the several observations is that the legal basis is sound with further enhancements made for insolvency protection, designation criteria, and administrative powers for MAS. Also, governance arrangements are clear and transparent and should continue to ensure the independence of the oversight and supervisory functions for MEPS+.

Abstract

This Detailed Assessment of Observance on the Committee on Payment and Settlement Systems-International Organization of Securities Commissions Principles for Financial Market Infrastructures on Singapore discusses that the Monetary Authority of Singapore (MAS) has taken important steps to address the recommendations made for capital market financial market infrastructures (FMIs). MAS has led efforts to develop international guidance on the cyber resilience for FMIs and moved swiftly to strengthen Singapore’s governance and resiliency of the payment system. The assessment of New MAS Electronic Payment and Book-Entry System (MEPS+) finds that most of the principles are observed, however, also identifies opportunities for further improvement relative to international best practices. One of the several observations is that the legal basis is sound with further enhancements made for insolvency protection, designation criteria, and administrative powers for MAS. Also, governance arrangements are clear and transparent and should continue to ensure the independence of the oversight and supervisory functions for MEPS+.

Executive Summary

Singapore’s financial market infrastructures (FMIs) have continued to operate safely and efficiently since they were assessed in the FSAP of 2013. The Monetary Authority of Singapore (MAS) has taken important steps to address the recommendations made for capital market FMIs. Remedial actions were implemented or are in progress for the two central counterparties. The privately-operated securities settlement system has moved its SGD money settlements for equities and debt securities to settle at the MAS in December 2018. Two additional central counterparties and one trade repository have also entered the FMI landscape. MAS has signed a supervisory cooperation on crisis management arrangements with the U.S. authorities.

The payment system was further protected with legal and regulatory reforms. The Payment and Settlement Systems (Finality and Netting) Act was amended in 2018 to enhance insolvency protection, designation criteria, and administrative powers of the MAS. A Payment Services Bill to address new activities and risks, following major changes in the payments landscape, was proposed in 2017 and is expected to be introduced to Parliament in late-2018. Foreign exchange settlement risks in the financial landscape were addressed following international supervisory guidance issued in 2013, with MAS supervisory expectations requiring banks to include the management of such risks in their counterparty risk management framework.

MAS has led efforts to develop international guidance on the cyber resilience for FMIs and moved swiftly to strengthen Singapore’s governance and resiliency of the payment system. MAS co-chaired the Committee on Payments and Market Infrastructures (CPMI)/International Organization of Securities Commissions (IOSCO) Working Group on Cyber Resilience, which prepared the international guidance. MAS has appointed a member in its Board-level Risk Committee who has specialist expertise and experience in technology and cyber risk management, and also a Chief Cyber Security Officer to its senior management team to advise on strengthening the cyber resiliency of the MAS and the financial sector. A Cyber Resiliency Framework for MAS-operated Critical Information Infrastructures (CIIs) has been established and includes the MAS Electronic Payment and Book-Entry System (MEPS+). Efforts are ongoing to manage potential operational risks that could stem from cyber risks, and they include expanding surveillance coverage, reinforcing protection capabilities, reducing time to recover, and developing cyber competencies. MAS established a Cyber Security Advisory Panel, including international cyber security thought leaders.

MAS’ pioneering role in cyber resiliency is also demonstrated in its practices, which are higher than minimum requirements and help strengthen the safety of FMIs. Given that Singapore is a modern financial center with a systemically important financial system, MAS is right in aiming for higher standards than the minimum set out in the Committee on Payment and Settlement Systems (CPSS)/IOSCO Principles for Financial Market Infrastructures (PFMI). And it is particularly important to do so considering the evolving financial landscape, new technologies, and potential risks since the issuance of the international standards in 2012. MAS’ potential to aim for higher standards in many other areas of the PFMI are also evident in the assessment results for the MEPS+ inter-bank funds transfer sub-system and MAS responsibilities.

The assessment of MEPS+ finds that most of the principles are observed, but also identifies opportunities for further improvement relative to international best practices. MEPS+ observes 17 principles and broadly observes one principle, which is on operational risk. Six principles were not applicable. To achieve full observance for operational risk, enhancements to the cyber resiliency of the central bank and MEPS+ would need to be substantially implemented. While MEPS+ has observed most of the minimum standards of the PFMI, the mission has identified opportunities for improvement in view of rapid technological changes, evolving risks, and comparisons with international best practices that the authorities’ may want to consider:

  • Governance (Principle 2). As the Chief Cyber Security Officer is a new and important role which is held concurrently by the Executive Director of the Technology Risk and Payments Department (TRPD), which is the overseer and supervisor of MEPS+, the clarification of the role and reporting line should ensure the independence of the TRPD. The objective would be to prevent perceived or potential conflicts of interest between the oversight and operational responsibilities for MEPS+. The TRPD head is a member of the Management Financial Supervision Committee, which is the governing oversight body of MEPS+. The Chief Cyber Security Officer, whose appointment is currently held by the TRPD head, is also a member of the Management Critical Information Infrastructure Committee, which is responsible for the operations of MEPS+. As the Chief Cyber Security Officer role, responsibilities, and resource implications continues to evolve, MAS may consider if a full-time position is warranted.

  • Comprehensive risk management framework (Principle 3). In the near to medium term, FMIs might adopt distributed ledger technology to handle different asset classes such as for cash, securities and foreign exchange. MAS should analyze and identify the potential risks for MEPS+ guided by the CPMI analytical framework for distributed ledger technology in payment, clearing and settlement. This framework considers risk implications such as legal basis, governance, settlement finality, financial risk, and operational risk.

  • Operational risk (Principle 17). With the worldwide heightening of cyber risks, MAS should: (i) enhance enterprise-level cyber resiliency with mandatory information security awareness training and course completion for all MAS staff on a regular basis; (ii) apply ratings in the annual self-attestations submitted by MEPS+ critical service providers to support the continuation of critical services for MEPS+ and ensure that the external audit is completed against acceptable national or international standards; and (iii) monitor the compliance of MEPS+ participants with the mandatory controls of the Society for Worldwide Interbank Financial Telecommunication (SWIFT) Customer Security Program, and ensure that self-attestations are audited.

  • Disclosure of rules, key procedures and market data (Principle 23). To further enhance transparency and thus foster public understanding and confidence in the payment system, MAS should consider public disclosure of additional information on material developments and quantitative indicators such as MEPS+ system availability, average daily liquidity, and throughput time in the MEPS+ disclosure framework. This is particularly important with operational incidences associated with MEPS+, FMI interdependencies, and MEPS+ critical service providers.

The assessment of MAS responsibilities finds that most responsibilities are also observed. Responsibility B on powers and resources is assessed as having broad observance because of resource constraints relative to the broad scope of responsibilities and in light of the evolving payments landscape. Potential opportunities for improvement relative to international best practices are as follows.

  • Regulatory, supervisory, and oversight powers and resources (Responsibility B). In view of its broad mandate and increased responsibilities, MAS should increase resources for the payment systems oversight and supervision unit of the TRPD. The unit is responsible for the oversight and supervision of MEPS+, five privately-operated designated payment systems, and credit bureaus. The unit also participates in the cooperative oversight of a cross-border payment system and SWIFT. The unit has a limited number of staff working on payment systems oversight and supervision. Sufficient resources would support the detailed annual assessment of MEPS+ and other payment systems, which could evolve in systemic importance.

  • Disclosure of policies with respect to FMIs (Responsibility C). To further enhance transparency in its oversight and supervisory responsibilities, MAS should consider: (i) enhancing the independent review of MEPS+ with an annual assessment report with ratings prepared by the TRPD, endorsed by the Management Financial Supervision Committee, and publicly disclosed; and (ii) publishing an annual report on FMI and payments for Singapore, including the policies, assessment results, and risk analysis for the MEPS+.

  • Application of the PFMI (Responsibility D). To clarify the application of the PFMI, MAS should consider: (i) revising the Monograph on Supervision of Financial Market Infrastructures to describe the standards used for designated system-wide important payment systems and the associated risks assessed relative to the PFMI; and (ii) assessing on an annual basis the need to apply the PFMI to system-wide important payment systems with respect to horizon-scanning and changes in their risk profiles (such as value limit increases, cross-border features).

Introduction

1. This report contains the assessment of Singapore’s systemically important payment system and authorities’ responsibilities against international standards. The assessment was undertaken in the context of the IMF’s FSAP mission to Singapore from October 29 to November 14, 2018.1 The assessor would like to thank the MAS for the excellent cooperation and hospitality.

2. The objective of the assessment was to identify potential risks that may affect financial stability. While safe and efficient payment and securities settlement systems contribute to maintaining and promoting financial stability and economic growth, they may also concentrate risk. If not properly managed, FMIs can be sources of financial stocks, such as liquidity dislocations and credit losses, or a major channel through which these shocks are transmitted across domestic and international financial markets.

3. The scope of the assessment includes the MEPS+ and its authority, the MAS.2 MAS-operated FMIs includes the MEPS+, which functions as an interbank funds transfer system, and a central securities depository and a securities settlement system for government securities and MAS Bills. The assessment focuses on the inter-bank funds transfer functions of MEPS+. MEPS+ is assessed using 18 of the 24 principles that are generally applicable for payment systems under the PFMI. MAS regulatory, supervisory and oversight responsibilities are assessed against Responsibilities A to E of the PFMI.

4. Singapore’s FMIs have been subject to external assessments and peer reviews. Detailed assessments were completed for central counterparties in the FSAP of 2013. The systemically important payment system and securities settlement systems were assessed in the FSAP of 2002–03. Singapore takes part in monitoring the implementation of the PFMI by CPMI/IOSCO, which includes self-assessments and peer reviews.3 Singapore has participated in the Financial Stability Board peer review in 2017, which recommended the extension of resolution planning to FMIs that could be systemic in failure.

5. The methodology for the assessments is based on the PFMI Disclosure Framework and Assessment Methodology.4 Important sources of information included the self-assessment report and disclosure framework of MEPS+ completed by the operators of MEPS+, self-assessment report of MAS responsibilities prepared by the overseers and supervisors of MEPS+, responses to the Questionnaire on FMIs in Singapore, and relevant laws and regulations. The assessor had thorough discussions with MAS staff and private sector representatives.

Overview of Payment, Clearing and Settlement Landscape

A. Description of Landscape

6. FMIs form a key role in facilitating the clearing, settlement and recording of monetary and other financial transactions and fostering financial stability in Singapore. There are multiple infrastructures that handle transactions for payments, securities, and derivatives contracts in Singapore (Figure 1). A brief description by type of infrastructure follows.

Figure 1.
Figure 1.

Financial Market Landscape in Singapore

Citation: IMF Staff Country Reports 2019, 225; 10.5089/9781498325820.002.A001

Source: IMF staff.Note: The DDRS trade repository is not shown.

Payment Systems5

  • MEPS+ Interbank Funds Transfer (MEPS+ IFT). MAS-operated real-time gross settlement system for large-value SGD interbank funds transfers and scripless Singapore Government Securities (SGS) and MAS Bills. MEPS+ is also used for settlement of obligations arising from financial market transactions, such as foreign exchange trades and the cash-leg of securities trades by members of other FMIs. MEPS+ IFT also settles the participants’ net obligations arising from the clearing of SGD checks, Inter-Bank GIRO transactions and FAST transactions in the Singapore Automated Clearing House (SACH). SACH prepares the net settlement files and sends them to MEPS+ IFT for settlement via a leased line linkage between SACH and MEPS+ IFT, at stipulated times within the MEPS+ operating hours.

  • Fast and Secure Transfers (FAST). Retail payment system that provides electronic funds transfer service for customers of the participating banks to make SGD funds transfer 24 x 7 almost instantly. The system is operated by the Banking Computer Services Pte Ltd (BCS), and settlement takes place on MEPS+.

  • Singapore Dollar Cheque Clearing System (SGDCCS). Retail payment system that clears SGD-denominated checks drawn on banks in Singapore. The system is operated by the BCS, and settlement takes place on MEPS+.

  • US Dollar Cheque Clearing System (USDCCS). Retail payment system that clears US dollar-denominated checks drawn on banks in Singapore. The system is operated by the BCS, and settlement takes place at an appointed settlement bank.

  • Interbank GIRO System (IBG). Retail payment system catering mainly for low-value payments. It allows customers of participating banks to transfer funds via credit transfers and direct debits to and from the accounts of customers of any other participating banks. The system is operated by the BCS, and settlement takes place on MEPS+.

  • NETS Electronic Fund Transfers at Point of Sale (NETS EFTPOS). Debit card system operated by the Network for Electronic Transfers (Singapore) Pte Ltd. Settlement takes place at an appointed settlement bank.

  • Continuous Linked Settlement (CLS). Cross-border payment system that settles foreign exchange transactions for the major currencies, including the SGD, on a payment-vs-payment (PVP) basis. Settlement takes place on the books of CLS. Funding of individual currencies take place in the real time gross settlement (RTGS) system of each jurisdiction.

Central Securities Depositories and Securities Settlement Systems

  • MEPS+ Singapore Government Securities (MEPS+ SGS). MAS-operated Central Securities Depository (CSD) and Securities Settlement System (SSS) for the custody and settlement of scripless SGS and MAS Bills.

  • Central Depository (Pte) Limited (CDP-SSS/CSD). CSD and SSS for equities and corporate debt securities. CDP has moved SGD money settlements completely into MEPS+ in December 2018.

Central Counterparties (CCPs)

  • Central Depository (Pte) Limited (CDP-CCP). CCP for all stocks, bonds, and other corporate securities traded on the Singapore Exchange Securities Trading (SGX-ST).

  • Singapore Exchange Derivatives Clearing Limited (SGX-DC). CCP that clears exchange traded and over the counter derivatives.

  • ICE Clear Singapore Pte Limited (ICSG). CCP for derivatives traded on the ICE Futures Singapore Pte Ltd.

  • Asia Pacific Clear Pte Limited (APEX Clear). CCP for derivatives traded on the Asia Pacific Exchange.

Trade Repository

  • DTCC Data Repository (Singapore) Pte Limited (DDRS). Trade repository that enables market participants’ reporting of over the counter derivative transactions (i.e., credit default swaps, interest rate swaps). DDRS is the Singapore subsidiary of the Depository Trust and Clearing Company in the U.S.

B. Description of MEPS+

7. MEPS+ is a systemically important payment system and has a key role in fostering financial stability in Singapore. The first RTGS system (MEPS) was launched in July 1998. The system was later enhanced and relaunched as MEPS+ and it went live in December 2006. As of December 2017, MEPS+ has 63 participants, comprising MAS, 59 commercial banks and 3 FMIs (including CLS, CDP, and SGX-DC). MEPS+ participants access MEPS+ through SWIFT terminals and interfaces, where they submit payment instructions, manage queued transactions and perform online enquiries.

8. MEPS+ operates as two sub-systems settling funds and securities—MEPS+ IFT and MEPS+ SGS. MEPS+ IFT is for the settlement of large value SGD interbank funds transfers and MEPS+ SGS is for the custody and settlement of scripless SGS and MAS Bills transactions. MEPS+ utilizes the SWIFT network, SWIFT services and message type messaging standards as its messaging backbone. MEPS+ operates on weekdays (excluding public holidays) from 9:00 a.m. to 7:00 p.m. Prior to the start of MEPS+ operating hours, funds maintained by MEPS+ participants in their current accounts with MAS are transferred to their RTGS accounts, where they may be used for the settlement of MEPS+ transactions. When an intraday minimum cash balance requirement applies to a participant, only funds in excess of its intraday minimum cash balance requirement are transferred to the RTGS account from which funds are available for settlement of intraday MEPS+ payments.

9. Queuing and gridlock resolution mechanisms ensure that sufficient funds and securities are available for settlement.

  • Funds. Same day payment instructions are settled instantaneously and irrevocably subject to a paying participant holding sufficient balances in its RTGS account. Participants that fail to settle due to insufficient funds are queued. When funds are available, queued instructions are settled according to their assigned priority levels on a first-in-first-out basis. A gridlock detection and resolution mechanism operate every half hour to allow payments to be settled simultaneously on a multilateral gross basis, provided that the resulting positions of all accounts are positive. Queued payments which cannot be settled at the end of a business day are cancelled by MEPS+ and affected participants are informed of such cancelled payments through the appropriate SWIFT messages.

  • Securities. If the seller of SGS or MAS Bills has insufficient SGS or MAS Bills for delivery, the transaction is queued in MEPS+ SGS until sufficient SGS or MAS Bills are available. Once the seller has sufficient SGS or MAS Bills, MEPS+ SGS will earmark the SGS or MAS Bills for transfer to the buyer and generate a payment instruction to MEPS+ IFT on behalf of the buyer. If the buyer has insufficient funds in its RTGS account to pay for the SGS or MAS Bills purchase, the payment will be queued in MEPS+ IFT. When the funds become available, the amount will be debited from the buyer’s RTGS account and credited to the seller’s RTGS account, and transfer of SGS or MAS Bills to the buyer will be simultaneously effected on a delivery-vs-payment (DVP) (Model 1) basis.

10. MEPS+ handled about 5 million transactions valued at SGD 18 trillion in 2017. This translates to an average of about 22,000 transactions valued at about SGD 72 billion daily. During the 12-year period from 2006 to 2017, transactions values peaked at SGD 19 trillion in 2008 (Figure 2). The concentration ratio in terms of value and volume were around 60 percent and 57 percent, respectively.

Figure 2.
Figure 2.

MEPS+ Transaction Volume and Value, 2006–17

Citation: IMF Staff Country Reports 2019, 225; 10.5089/9781498325820.002.A001

Source: MAS

C. Regulatory, Supervisory, and Oversight Framework

11. The legal underpinnings for MEPS+ rest on four main laws, supplemented by agreements. Main legislation includes: (i) MAS Act, Section 29A (Cap. 186); (ii) Payment Systems (Oversight) Act Cap (222A) (PS(O)A); (iii) Payment and Settlement Systems (Finality and Netting) Act (FNA); and (iv) Electronic Transactions Act (Cap. 88). The five main agreements are: (i) the MEPS+ Service Agreement; (ii) Terms and Conditions Governing the Operation of the Current Account of the Specified Institution; (iii) Terms and Conditions Governing the Operation of the Accounts for SGS and MAS Bills; (iv) Terms and Conditions Governing the MAS Intraday Liquidity Facility (ILF); and (v) PSA/International Securities Market Association (ISMA) Global Master Repurchase Agreement (GMRA). The rights and obligations of MAS (as the operator for MEPS+) and the MEPS+ participants are set out in the MEPS+ Service Agreement that MAS entered into with each of the MEPS+ participants.

12. FMIs in Singapore are subject to the regulation, supervision, and oversight by MAS. MAS is empowered by the PS(O)A and the Securities and Futures Act (SFA), which establish the regulatory framework for FMIs, in line with the PFMI. MAS has primary responsibility for the supervision of payment systems, CSDs, SSSs, CCPs and Trade Repositories (TRs) in Singapore. MAS oversees CLS on a cooperative basis as a member of the CLS Oversight Committee (OC), alongside other central banks whose currencies are included in CLS. The CLS OC is chaired by the United States Federal Reserve (USFR). The Monograph on Supervision of Financial Market Infrastructures in Singapore was revised in October 2018 (following issuance in January 2013 and revision in January 2015). The Standards for MAS-operated FMIs were issued in January 2015 and revised in November 2017. The MAS Framework for Impact and Risk Assessment of Financial Institutions, which are applied to system-wide important payment systems, was issued in April 2007 and revised in September 2015.

13. MAS supervises payment systems in Singapore, focusing on the safety and efficiency of payment systems. The supervision covers operators, settlement institutions and participants of payment systems. MAS adopts a risk-based approach in its oversight role, subjecting payment systems that are more important to financial stability and the financial system to closer supervision, while monitoring all other payment systems for on-going developments.

14. The PS(O)A empowers MAS to designate payment systems for closer supervision. The PS(O)A gives MAS two sets of powers. First, MAS could collect payment system-related information from operators, settlement institutions or participants of any payment system in Singapore. MAS is thus enabled to obtain comprehensive and reliable information about payment systems to monitor their development and make informed policy and supervisory decisions. Second, MAS could subject designated payment systems (DPSs) to closer supervision. Regulatory powers over DPSs include the power to impose access regimes, impose restrictions and conditions, establish standards, make regulations, approve and remove chief executive officers and directors, approve the control of substantial shareholding in an operator, issue directions, inspect operations, and assume control of the operations of a DPS under emergency situations. In its supervision of DPSs, MAS undertakes a combination of off-site reviews and assessments, as well as on-site inspections.

15. The designation of payment systems is categorized as follows:

  • Systemically important payment system (SIPS). These are systems whose disruption could trigger or transmit further disruption to participants or cause systemic disruption to the financial system of Singapore. MEPS+ is the only SIPS in Singapore. All SIPS are subject to the PFMI.

  • System-wide important payment system (SWIPS). These are systems whose disruption could affect public confidence in payment systems or the financial system of Singapore. Although a disruption or failure in these systems may have system-wide implications and may affect many users, there is negligible risk of systemic impact to financial stability. The FAST, SGDCCS, USDCCS, IBG system and NETS EFTPOS are SWIPS and have been designated under the PS(O)A. MAS does not subject SWIPS to the PFMI. Instead, SWIPS are subject to an internal risk assessment framework for designated payment systems.

16. The Cyber Security Agency of Singapore (CSA) is the national agency overseeing cybersecurity strategy, operations, education, outreach, ecosystem development and Cybersecurity Act. The Cybersecurity Act establishes a legal framework for the oversight of essential services in Singapore. MAS as a sector regulator, works with the CSA to strengthen the cyber resilience of the CIIs in the banking and finance sector.

D. Major Changes and Reforms

17. The Payment and Settlement Systems (Finality and Netting) Act was amended in 2018 to enhance insolvency protection, provide clarity on designation criteria, and strengthen administrative powers. The changes account for the proliferation of faster payment systems with different settlement models and longer business hours. Insolvency protection was extended to three areas: (i) protection of transfer orders, netting and settlement in a designated system by one business day beyond the day which a participant becomes insolvent; (ii) protection to designated systems which utilize collateral; and (iii) protection from liability for an operator, settlement institution, collateral holder of a designated system or an officer or employee of such an entity for any act or omission which was done with reasonable care and in good faith. Greater clarity on designation criteria was part of the amendments. Designation focuses on critical systems, where operational disruptions could impact other participants, the financial system, or public confidence. MAS intends to designate the FAST and NETS EFTPOS debit card system. MAS administrative powers were also strengthened to obtain information and issue directions to rectify outstanding issues. The participant, operator, settlement institution and collateral holder of a designated system will have an obligation to notify MAS in the event of a potential insolvency.

18. A Payment Services Bill (PSB) to address new activities and risks, following major changes in the payments landscape was proposed in 2018. In November 2017, MAS published a public consultation paper, which sets out a new regulatory framework for payment services. MAS currently regulates several types of payment services under the PS(O)A and the Money-Changing and Remittance Businesses Act (MCRBA). The considerable changes in the payment services landscape in the past few years presented new risks from activities that are beyond the current scope of the PS(O)A and MCRBA. New payment business models have also blurred the lines between activities regulated under these two laws. Therefore, the proposed PSB seeks to address the following: (i) streamline payment services under a single legislation by combining the PS(O)A and the MCRBA; (ii) enhance the scope of regulated activities to consider developments in payment services; and (iii) calibrate regulations according to the risks the activities pose by adopting a modular regulatory regime. The PSB is expected to be introduced in Parliament in late-2018.

19. MAS has led efforts to develop international guidance on cyber resilience for FMIs and has taken relevant steps for MEPS+.6 MAS has established the Cyber Resiliency Framework for MAS-operated CIIs. The framework covers the various cyber resiliency domains such as protection, detection, response and recovery. A dedicated Technical Risk and Assurance Unit is being set-up. MEPS+ enhancements have been made to ensure the necessary data is available for the resumption of settlement operations in the event of a cyber-attack. Efforts have also been initiated to manage operational risks, including expanding surveillance coverage, reinforcing protection capabilities, reducing time to recover, and developing cyber competencies. MAS had also enhanced the tracking and monitoring of the input and output sequence numbers of the SWIFT messages in MEPS+ to enable more timely detection of possible fraudulent messages.

20. MAS has collaborated with the industry in testing distributed ledger technology (DLT) for the clearing and settlement of payments and securities since 2016. Project Ubin is aimed at understanding the technology and its benefits in making financial transactions and processes more transparent, resilient, and economical. The first phase of the project, completed in March 2017, tested the use of digital central bank issued tokens for domestic interbank payments. Privacy, deterministic finality of transactions, and mechanisms for liquidity savings such as netting were considered. The second phase of the project focused on developing liquidity saving mechanisms, which are a key feature of RTGS systems. The DVP phase of the project demonstrated delivery versus payment capabilities to allow financial institutions to carry out the simultaneous exchange and final settlement of tokenized digital currencies and securities assets residing on different blockchain platforms. MAS also worked with the Bank of Canada and the Bank of England to assess alternative models that could enhance cross-border payments and settlements. Future phases of the project will include developing payment versus payment models to link up Project Ubin in Singapore with Project Jasper in Canada.

21. Banks in Singapore have participated in the survey on foreign exchange settlement risk practices in response to international supervisory guidance issued in 2013.7 The last survey was completed in July 2001, prior to the onboarding of the SGD to CLS. The Basel Committee on Banking Supervision (BCBS) Supervisory Guidance for Managing Risks associated with the Settlement of Foreign Exchange Transactions has been incorporated into the supervisory framework of MAS (MAS Credit Risk Management Guidelines and MAS Notice 637). MAS’ supervisory expectations for banks include their management of foreign exchange settlement risk as part of their counterparty risk management framework. Recommendations are communicated to banks where practices are not aligned with supervisory expectations. Given that some banks are MEPS+ participants, the supervisory expectations have helped manage potential foreign exchange settlement risks, which encourages the use of payment-versus-payment arrangements (such as CLS), where practicable.

Summary Assessment of MEPS+

A. Observance of the Principles

22. The assessment of MEPS+ finds that most of the principles are observed, but also identifies areas for potential improvement relative to international best practices. MEPS+ observes 17 principles and broadly observes one principle, which is on operational risk (Table 1). Six principles were assessed as being not applicable. To achieve full observance for operational risk, enhancements to the cyber resiliency of the central bank and MEPS+ would need to be substantially implemented. While MEPS+ has observed most of the minimum standards of the PFMI, the mission has identified opportunities for improvement in view of rapid technological changes, evolving risks, and comparisons with international best practices that the authorities’ may want to consider.

Table 1.

Ratings Summary of MEPS+

article image

General Organization (Principles 1–3)

23. The legal basis is sound with further enhancements made for insolvency protection, designation criteria, and administrative powers for MAS. The MAS Act (Section 29A) provides MAS with the legal authority to establish and operate MEPS+. MEPS+ is designated under the FNA, which provides settlement finality and protection from the application of the “zero-hour” rule in the event of a participant default. The MEPS+ Service Agreement with MAS forms the contractual basis and includes the MEPS+ Operating Rules, which are binding on the participant, and between the participant and MAS and all other participants in MEPS+. MEPS+ Operating Rules (Rule 17.1) provides finality and irrevocability for transactions.

24. Governance arrangements are clear and transparent and should continue to ensure the independence of the oversight and supervisory functions for MEPS+. Supervisory and operational functions for MEPS+ are separated into different organizational units and have distinct reporting lines to different management to prevent potential conflicts of interests. MAS has appointed a member to its Board-level Risk Committee (Chief Defense Scientist at the Singapore Ministry of Defense) who has specialist expertise and experience in technology and cyber risk management, and also a Chief Cyber Security Officer (CCSO) to its senior management team to help strengthen the cyber resiliency of the MAS and the financial sector. The CCSO is a member of the Management Critical Information Infrastructure Committee (CIIC), which is chaired by the Deputy Managing Director (Corporate Development) who supports the Managing Director of MAS in overseeing the design, implementation, operations and risks associated with running MEPS+. As the CCSO is a new and important role which is held concurrently by the Executive Director of TRPD, which is the overseer and supervisor of MEPS+, MAS should review the role clarity and reporting line of the CCSO to ensure the independence of the TRPD. This should aim to prevent perceived or potential conflicts of interest between the oversight and operational responsibilities for MEPS+. The TRPD head is a member of the Management Financial Supervision Committee (MFSC), which is the governing oversight body of MEPS+. The CCSO is also a member of the CIIC, which is responsible for the operations of MEPS+. As the CCSO role, responsibilities, and resource implications continues to evolve, MAS may consider if a full-time position is warranted.

25. MEPS+ has a sound risk management framework where operational, credit, liquidity and legal risks have been identified, but should include potential DLT-related risks. The MAS Board has established the MEPS+ risk management framework to manage operational risk since it was assessed as the most material risk in MEPS+. The framework sets out the roles and responsibilities of departments, operational targets and risk tolerance limits on system reliability, resilience and security. As the potential for DLT adoption by FMIs to handle different asset classes such as for cash, securities and foreign exchange could materialize in the near to medium term,8 the mission recommends a review and analysis of other relevant potential risks for MEPS+. This should be guided by the CPMI analytical framework for DLT in payment, clearing and settlement, which considers risk implications such as legal basis, governance, settlement finality, financial risk and operational risk.9

Credit Risk, Collateral, and Liquidity Risk (Principles 4–5 and 7)

26. MAS does not face credit risk as the operator of MEPS+. As the central bank, MAS mitigates its exposure to credit risk by requiring participants to provide collateral against borrowing from MEPS+ participants. MAS offers the ILF which allows MEPS+ participants to borrow SGD on an intraday and collateralized basis to facilitate the settlement of SGD payments and help prevent system gridlocks owing to timing mismatches. The ILF is available only to participants who have executed the PSA/ISMA GMRA with MAS. MAS accepts SGS and MAS Bills as collateral in exchange for SGD cash via the ILF.

27. Collateral with low risks are accepted to manage credit exposures from participants and are subject to valuation and conservative haircuts. Eligible collateral under the ILF is limited to SGS and MAS Bills. These constitute the highest quality liquid assets available domestically. The list of eligible collateral is reviewed annually. Collateral is marked to market daily. Collateral valuation is performed based on an established framework and management approval is sought for exceptions. Haircuts are determined based on the approved haircut framework, which analyses the value-at-risk of debt securities in each class. To ensure that the haircuts are sufficiently able to withstand stressed market conditions, the price movements of the securities under stressed scenarios are taken into consideration in the calibration of the haircuts. Haircuts are subject to annual reviews or as and when the need arises. Periods of stressed market conditions are incorporated in the calibration of the haircuts.

28. MAS does not face liquidity risk as the operator of MEPS+. MAS does not act as the central counterparty or guarantee the settlement of transactions entered into MEPS+. To support the liquidity needs of MEPS+ participants and assist them in managing their liquidity risks, MAS offers ILF to MEPS+ participants, which allows them to borrow SGD, interest-free, on an intraday and collateralized basis, to settle their SGD payments. MEPS+ has automatic gridlock detection and resolution features. MEPS+ features monitoring tools for intraday liquidity management of MEPS+ participants, such as daily maximum liquidity usage, available intraday liquidity at the start of the business day, total payments, and time-specific obligations. MAS conducts annual stress tests on banks by reviewing the impact on banks’ settlement and knock-on impact on other participants, under different scenarios. These scenarios include the failure of a key participant, and multiple key participants from a country or region. Results of these stress tests are shared with management and other relevant departments.

Settlement (Principles 8–9)

29. Settlement finality is clear and certain in MEPS+. The FNA provides for the finality and irrevocability of transactions carried out on MEPS+ and it applies where the rules of a designated system provide that the transactions are final and irrevocable. MEPS+ processes payment and securities transfer instructions for settlement on a real-time basis. Settlement in MEPS+ takes place continuously throughout the day whenever a payment is accepted by the system and participants have sufficient funds and SGS and MAS Bills in their MEPS+ accounts. Unsettled payments and securities transfers at the end of day are automatically cancelled.

30. Payments in MEPS+ settle in SGD only on a real-time gross settlement basis in central bank money. MAS does not act as the central counterparty or guarantee the settlement of transactions by MEPS+ participants.

Exchange-of-Value Settlement Systems (Principle 12)

31. Principal risks arising from the settlement of securities transactions are eliminated through delivery versus payment capabilities in MEPS+. For the RTGS of SGS trades and MAS Bills, MEPS+ has implemented DVP processing. Each leg of the DVP trade is accorded finality under the FNA upon settlement. The linked obligations are settled on a gross basis. MEPS+ has implemented DVP Model 1 for processing securities transfer instructions from participants, and payment of SGD corporate bonds traded by participants in the CDP. The FNA provides the legal certainty that all transactions settled by MEPS+ are final and irrevocable notwithstanding the insolvency of a participant.

Default Management (Principle 13)

32. MEPS+ has clearly defined rules and procedures to manage a default by a participant and it has an annual contingency drill and testing of its default procedures. The MEPS+ Service Agreement sets out the definition of default, and the procedures for handling a default of a participant. MAS conducts an annual contingency drill on key aspects of the participant-default procedures. The drill and associated tests cover, among others, the failure of the largest net debit bank in meeting its check/Inter-Bank GIRO obligations and the failure of a participant bank. These tests also include the recasting of the check/Interbank GIRO obligations.

General Business and Operational Risk Management (Principles 15–17)

33. MAS manages the general business risks of operating MEPS+ based on the enterprise-wide budgeting and accounting processes. This allows it to monitor, manage and control its operating expenses, including those arising from MEPS+ operations.

34. As the operator of MEPS+, MAS does not use commercial custodian services for its own or participants’ assets (cash, SGS and MAS Bills).

35. MAS monitors and manages MEPS+ operational risks based on international and national standards as well as MAS-issued guidelines and notices on financial institutions. MEPS+ participants view the system as reliable, resilient and fit-for-purpose.10 MEPS+ was not affected by the trading disruptions reported for the SGX in 2014 and 2016. 11 The systems, policies, procedures and controls to monitor and manage the operational risks are documented in the MEPS+ Operational and Risk Management Framework, various Information Technology Department (ITD) manuals and the annual MEPS+ risk assessments. MAS, as the MEPS+ operator, reviews its MEPS+ outsourcing arrangements annually and continually ensures that there is proper management control and oversight as well as assessments of the risk and impact of the outsourcing arrangements. As part of the annual review, MAS requires its critical service providers (CSPs) to submit self-attestations that cover a specific set of requirements such as its financial strength, operational controls and processes, and physical and information security. To achieve full observance for operational risk, enhancements to the cyber resiliency of the central bank and MEPS+ would need to be substantially implemented. With the heightening of cyber risks at the international level, MAS could consider: (i) enhancing enterprise-level cyber resiliency with mandatory information security awareness training and course completion for all MAS staff on a regular basis; (ii) applying ratings in the annual self-attestations submitted by MEPS+ CSPs to support the continuation of critical services for MEPS+ and ensuring that external audit is completed against acceptable national or international standards; and (iii) monitoring the compliance of MEPS+ participants with the mandatory controls of the SWIFT Customer Security Program, and ensuring self-attestations are audited.

Access (Principles 18–19)

36. MEPS+ access and participation requirements include publicly disclosed risk-based criteria, which permit fair and open access. Access to MEPS+ is open to all banks and regulated entities of systemic importance such as the CDP and SGX-DC that meet MAS’ prudential standards. Requirements for participation in MEPS+ take into consideration that the applicant is appropriately licensed and approved by MAS or adequately supervised by a competent authority in the country where the applicant is established or licensed. In assessing an entity’s application, MAS will review the entity’s creditworthiness, and risks posed to system and other participants amongst other strict admission criteria. Participants also have to demonstrate their continuous capacity to effectively operate the technical equipment of the electronic payment system.

37. MAS monitors and manages the material risks to the FMI arising from tiered participation arrangements in MEPS+. Direct participants are required to submit an annual return to MAS on the total volume and value of the MEPS+ transactions that they perform on behalf of indirect participants. MAS analyzes these annual statistics to identify, monitor and manage the risks arising from any material dependencies between direct and indirect participants. Indirect participants whose average daily value of MEPS+ payments through their direct participants exceed SGD 500 million may be required to participate in MEPS+ directly.

Efficiency (Principles 21–22)

38. MEPS+ efficiency and effectiveness are measured by the extent to which the operational standards and targets are met. Qualitative and quantitative operational standards and targets are defined and are documented in the MEPS+ Operational and Risk Management Framework. Performance against the operational standards and targets are reported monthly to the CIIC. MEPS+ adopts a full cost recovery policy. As a matter of practice, fees are set at a level to achieve within 90 percent to 110 percent of the three-year average actual cost recoverability ratio. MEPS+ operational, development and capital costs that meet the recognition criteria as fixed assets in accordance with accounting standards are capitalized and depreciated over a period of three to five years. Fixed assets are reported in MAS financial statements. MEPS+ fee schedules are reviewed annually by ITD, which seeks approval from the CIIC and MAS’ Executive Committee (EXCO).

39. MEPS+ uses internationally accepted communication procedures and standards. The SWIFT network and SWIFT messaging standards are used for all funds settlement and securities transfer instructions, which are also used by the participants. MAS is in the process of consultations with the banking industry on the adoption of ISO 20022.

Transparency (Principle 23)

40. MEPS+ operating rules and procedures are documented in the MEPS+ Service Agreement and the Operations and Contingency Manual, which are made public. The last disclosure for MEPS+ was published in June 2018 and includes statistics on transaction volume and value. MEPS+ participants are also disclosed on the MAS website. The disclosure is updated every two years. To further enhance transparency and thus foster public understanding and confidence in the payment system, MAS should consider public disclosure of additional information on material developments and quantitative indicators such as MEPS+ system availability, average daily liquidity, and throughput time in the MEPS+ disclosure framework. This is particularly important with operational incidences associated with MEPS+, FMI interdependencies, and MEPS+ CSPs.

B. Recommendations for MEPS+

List of Prioritized Recommendations

article image
article image

”Immediate” is within one year; “near–term” is 1–3 years; “medium-term” is 3–5 years.

Summary Assessment of Authorities’ Responsibilities

A. Observance of the Responsibilities

41. The assessment of MAS responsibilities suggests that most responsibilities are observed (Table 2). Responsibility B on powers and resources is assessed as having broad observance because of resource constraints relative to the broad scope of responsibilities in light of the evolving payments landscape. Potential opportunities for improvement relative to international best practices are as follows.

Table 2.

Ratings Summary of MAS Responsibilities

article image

Regulation, Supervision, and Oversight of FMIs (Responsibility A)

42. MEPS+ is subject to appropriate and effective regulation, supervision, and oversight by the MAS. Section 7(1) of the PS(O)A empowers MAS to designate and subject a payment system to closer supervision and various regulatory requirements. Criteria for DPSs are clearly defined and disclosed in the PS(O)A and the Monograph on Supervision of FMIs in Singapore. All relevant PFMI principles applicable to MEPS+ are stated in the Standards for MAS-Operated FMIs. Within MAS, the TRPD is responsible for the supervision of payment systems in Singapore.

Regulatory, Supervisory, and Oversight Powers and Resources (Responsibility B)

43. MAS is the sole authority in Singapore responsible for the regulation, supervision and oversight of all the payment systems in the country. MAS’ regulatory powers over DPSs include the power to impose access regimes, impose restrictions and conditions, establish standards, make regulations, approve and remove chief executive officers and directors, approve the control of substantial shareholding in an operator, issue directions, inspect operations, and assume control of the operations of a DPS under emergency situations. The PS(O)A also mandates external audits of a DPS and imposes the obligation on a DPS to notify MAS of significant changes in its operations. Section 6 of the PS(O)A empowers MAS to collect information from all payment systems in Singapore. Section 22 of the MAS Act provides immunity to MAS officers discharging their responsibilities.

44. There appears to be insufficient resources for discharging oversight and supervisory responsibilities for MEPS+ relative to the current and future scope of responsibilities of the TRPD. As at July 2018, there were 5 staff in the payment systems oversight and supervision unit of the TRPD involved in the supervision of DPS.12 Specialist staff from technology risk and business continuity management teams also supports the supervision of payment systems, such as during inspections. Following organizational changes that included the set-up of the MAS Fintech and Innovation Group (FTIG) in 2015, some experienced staff and payments policy work from the TRPD moved to the FTIG. For example, public consultations on the FNA amendment and proposed PSB were led by the FTIG. Part of the responsibilities of the payment systems oversight and supervision unit of the TRPD also involves participation in international forums such as the CLS OC, SWIFT Oversight Forum, CPMI, and the CPMI/IOSCO Steering Group. Given its broad mandate and responsibilities, MAS should increase resources for the payment systems oversight and supervision unit of the TRPD. The unit is responsible for the oversight and supervision of MEPS+, DPSs (FAST, SGDCCS, USDCCS, IBG, NETS EFTPOS), CLS, credit bureaus, and SWIFT. The unit has a limited number of staff working on payment systems oversight and supervision. Increasing resources would support the detailed annual assessment of MEPS+ and other DPSs, which could evolve in systemic importance (particularly for FAST).13

Disclosure of Policies with Respect to FMIs (Responsibility C)

45. MAS’ approach to supervision of FMIs is described in the publicly available Monograph on the Supervision of FMIs in Singapore. The Monograph highlights MAS’ supervisory objectives of ensuring the safety and efficiency of FMIs and provides an overview of the regulatory framework for FMIs as set out by the PS(O)A. The standards against which MEPS+ is supervised is also clearly set out in the Standards for MAS-Operated FMIs document.

46. To further enhance transparency in its oversight and supervisory responsibilities, MAS should consider the following: (i) enhance the independent review of MEPS+ with an annual assessment report with ratings prepared by the TRPD, endorsed by the MFSC, and publicly disclosed;14 and (ii) enhance the transparency of MAS FMI responsibilities, including MEPS+, by publishing an annual report on FMI and payments for Singapore, which could include analysis of associated risks for MEPS+.15

Application of the Principles for FMIs (Responsibility D)

47. MAS adopts the PFMI in its supervision of SIPS. Currently, MEPS+ is the only SIPS in Singapore. In addition, MAS may impose higher or more specific requirements on FMIs, as appropriate, in the context of specific risks, or in the context of wider financial sector stability. For MEPS+, all relevant principles are fully adopted by MAS and included in the standards document. MAS conducts annual assessments to understand the risk profile of each operator of SWIPS, as well as to highlight areas of concern and remedial actions. Ratings are given for each assessment. The possibility of SWIPS becoming a SIPS is discussed during such annual assessments.

48. To clarify the application of the PFMI, authorities should consider: (i) revising the Monograph on Supervision of Financial Market Infrastructures to describe the standards used for designated SWIPS and the associated risks which are assessed relative to the PFMI; and (ii) assessing on an annual basis the need to apply the PFMI to SWIPS with respect to horizon-scanning and changes in their risk profiles (such as value limit increase, cross-border features).

Cooperation with Other Authorities (Responsibility E)

49. CLS is the only SIPS which is subject to cooperative oversight and has participation from MAS. The USFR chairs the CLS OC, in which MAS participates alongside other central banks whose currencies are included in the CLS. The USFR organizes and administers the CLS OC, which operates in accordance with the Protocol for Cooperative Oversight of CLS. MAS contributes to the cooperative oversight of CLS by reviewing, providing views, and raising questions on CLS oversight matters, such as its operations and risk management practices.

50. MAS, as a sector lead, works with the CSA to strengthen the cyber resilience of the CIIs in the banking and finance sector. The Cybersecurity Act allows the Minister to appoint officers from the sector regulator as Assistant Commissioner to assist the Commissioner to oversee and enforce cybersecurity requirements on the CII Owners (CIIOs), to proactively protect the CIIs and respond to cybersecurity threats and incidents in Singapore. CSA manages incident reporting through MAS as CSA’s sector lead / regulator, in fulfilment of Cybersecurity Act by the CIIOs.

B. Recommendations for Authorities

List of Prioritized Recommendations

article image

”Immediate” is within one year; “near–term” is 1–3 years; “medium-term” is 3–5 years.

Detailed Assessment of MEPS+

article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image

Detailed Assessment of Mas Responsibilities

article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image
article image