Effective 1 July 2025

Introduction

The Monetary Authority of Singapore (MAS) has issued the updated Guidelines to MAS Notice SFA04-N02 on the Prevention of Money Laundering and Countering the Financing of Terrorism, effective 1 July 2025.

These revised Guidelines introduce several key updates aimed at strengthening the anti-money laundering and countering the financing of terrorism (AML/CFT) framework for financial institutions. The updates outline enhanced expectations on risk management practices, customer due diligence, ongoing monitoring, and sanctions compliance.

Alpha Compliance provides a summary of the key updates below to help CMIs and financial institutions prepare for implementation.

Proliferation Financing (PF):

Proliferation Financing (PF) refers to the act of raising, transferring, or providing funds, assets, or other economic resources whether in full or in part to individuals or entities for the purpose of developing or spreading weapons of mass destruction. This includes activities related to their delivery systems or associated materials, such as dual-use goods and technologies used for non-legitimate purposes.

These requirements are grounded in the Financial Services and Markets Act 2022 (FSM Act) and the FSM Sanctions Regulations, which govern sanctions and freezing of assets of designated persons.

MAS clarifies that PF risks are part of Money Laundering (ML) and Terrorism Financing (TF) risks. CMIs must therefore incorporate PF risk considerations into their enterprise-wide risk assessment and controls. Institutions are also required to integrate insights from Singapore’s National Risk Assessment (NRA) reports including ML, TF, and PF assessments when evaluating their risk profiles.

https://www.mas.gov.sg/regulation/anti-money-laundering/ml-tf-pf-risk-assessments

Reliability of Information and Documentation

A new clause requires Capital Market intermediaries (CMI) to ensure that all staff are provided staff with clear guidance on how to identify indicators of fraudulent or tampered data, documents, or information. Appropriate processes should also be in place to ensure that such red flags are promptly escalated and that suitable ML/TF risk mitigation measures are applied.

Examples of potential indicators include:

• significant discrepancies between the information provided by the customer and information obtained from reliable, independent sources (for example, corporate data sources);
• irregularities in financial statements, which are not in line with the CMI’s understanding of the customer’s profile; or
• missing certification or sign-off by relevant authorities, such as auditors or notaries public.

Ongoing Monitoring

When ongoing monitoring identifies an increase in the money laundering or terrorism financing (ML/TF) risk associated with an existing business relationship, a company should promptly implement appropriate, risk-based measures. The updated Guidelines highlight possible actions such as conducting pre-transaction checks or imposing account restrictions to manage elevated risks.

Additionally, MAS introduced requirements for digital token transaction. Capital Markets Intermediary (CMI) must also apply enhanced risk mitigation measures where a transaction involves sending or receiving a digital (CMP) token to or from any entity that is not:

• A financial institution as defined under Section 2 of the Financial Services and Markets Act (FSM Act); or
• A foreign financial institution that is regulated and supervised for compliance with anti-money laundering and countering the financing of terrorism (AML/CFT) standards consistent with those set by the Financial Action Task Force (FATF).

Screening

The 2025 update clarifies obligations for sanctions screening and handling of positive matches:

• Assets must be frozen immediately and without notice when a sanctioned person or entity is identified.
• The freeze and a Suspicious Transaction Report (STR) must be reported to MAS within one business day of suspicion.
• Screening sources must include commercial databases, reliable internet search engines, and official sanctions lists under the FSM Sanctions Regulations and the Terrorism (Suppression of Financing) Act (TSOFA).

To ensure accuracy and accountability, the CMI should apply a “four-eye check” on alerts generated from sanctions reviews before closure or conduct quality assurance reviews on a sample basis for closed alerts.

Enhanced Customer Due Diligence
Customer Risk-High Risk Shell companies

As part of the 2025 updates to the Guidelines to MAS Notice SFA04-N02, the Monetary Authority of Singapore (MAS) has introduced a new illustrative example (Example VII) highlighting indicators of higher-risk shell companies.

Customers who display characteristics commonly associated with higher-risk shell companies, including but not limited to:

1. unclear economic purpose for requiring account relationship in Singapore:

• g. foreign-incorporated companies with no business presence or activities in Singapore seek to open accounts in Singapore (including through a nominee arrangement);

1. unclear economic purpose for linking a common individual / address to multiple companies:

• g. multiple companies are linked to the same registered address, where the address is not in line with and/or fit for the companies’ nature of business;
• g. use of nominee individuals to obscure beneficial ownership and control of the account;
• unrelated third parties (e.g. foreigners) added to operate account after account opening:
• g. authorised signatories or directors are changed, post-account opening, to allow unrelated third parties to operate the account;

1. unusual change of corporate structure / beneficial owner after account opening;
2. suspicious transactions which are not in line with the CMI’s understanding of customer; or
3. superficial corporate websites inconsistent with scale of business:

• g. companies (including newly incorporated companies) that are stated to be involved in a wide range of activities without a dominant product/expertise;
• g. corporate websites have vague descriptions and limited information, which are not in line with the turnover or business nature of the companies.

Additional guidance:

1. MAS Guidance Paper on Effective Practices to Detect and Mitigate the Risk from Misuse of Legal Persons (June 2019)
2. MAS Guidance to Capital Markets Intermediaries on Enhancing AML/CFT Frameworks and Controls (January 2019)
3. AML/CFT Industry Partnership (ACIP) Best Practice Paper on Legal Persons Misuse Typologies and Best Practices (May 2018)

Beneficial Ownership Information

The updated Notice SFA04-N02 expand requirements for identifying and verifying beneficial owners of customers.

CMIs has to collect a complete set of information for each beneficial owner whether an individual, company, or legal arrangement to ensure transparency over ultimate ownership and control.

A CMI is required to obtain, at minimum, the beneficial owner’s full name (including aliases, if any), identification number, residential address, date of birth, and nationality.
Where the beneficial owner is a legal person or arrangement, the CMI must gather details such as its registration or tax identification number, registered and principal business address, date and place of incorporation, purpose of establishment, and governing documents (e.g., trust deed or constitution).

CMIs must also take reasonable steps to verify the identity and existence of each beneficial owner using reliable, independent sources such as government registries, official records, or certified documents.

For legal persons, this verification should confirm the entity’s legal form, proof of existence, and governing powers.

Where the CMI has assessed that money-laundering or terrorism-financing risk is not high, and despite reasonable efforts certain data (such as identification number or residential address) cannot be obtained, the CMI may record the date of birth and nationality instead of the identification number, and the business address instead of the residential address.

In all such cases, the CMI must document its risk assessment and the measures taken, providing a clear rationale for relying on alternative information and demonstrating that the customer presents a low ML/TF risk.

Source of Wealth and Source of funds

The updated Guidelines introduces clearer expectations on how financial institutions should verify a customer’s Source of Wealth (SoW) and Source of Funds (SoF).

MAS states Source of Wealth as the origin of a customer’s and beneficial owner’s total wealth including the initial seed money that generated subsequent wealth, as well as any gifts or other assets they have received.

Verification Requirements

If a CMI is unable to verify a customer’s source of wealth or source of funds that is material or presents a higher ML/TF risk, it must assess whether the residual risk arising from the lack of corroboration is acceptable.

Where verification cannot be fully completed, the CMI should implement additional risk-mitigation measures, such as:

1. Obtaining senior management approval before establishing or continuing the business relationship; and
2. Applying enhanced ongoing monitoring of the customer’s activities to manage any remaining exposure

Third-Party or Gift-Derived Wealth

If a customer’s or beneficial owner’s source of wealth comes from a gift or asset received from a third party, the CMI must confirm that the gift or asset is legitimate and reasonable.

This includes:

1. Verifying the relationship between the customer (or beneficial owner) and the third party
2. Checking the transactions involved using reliable sources such as bank statements or credible public records (where possible)

The CMI should also assess whether the third party’s own source of wealth is plausible.
If this cannot be confirmed, the CMI must evaluate the residual risks and apply additional risk mitigation measures such as senior management approval or enhanced monitoring where necessary.

If the CMI cannot reasonably confirm this, it should assess whether there are grounds to end the business relationship and whether a Suspicious Transaction Report (STR) needs to be filed.

Other Higher Risk Categories

MAS further clarified that A CMI should document whether additional documentary or public-source corroboration of SoW/SoF is required.

The CMI may assess whether such additional corroboration is necessary where the customer is:

1. a listed company with publicly available information on its wealth-generating activities, or
2. a financial institution supervised for AML/CFT compliance consistent with FATF standards and subject to corporate-governance or other regulatory requirements.

In addition, a Company should pay attention to changes in the customer’s risk profile, information and/or transactions that would warrant corroboration of the customer’s and any beneficial owner’s source of wealth and source of funds and do so in a timely manner.

Suspicious Transactions Reporting  

1. Early Escalation of Higher-Risk ML/TF Concerns:
2. CMIs must now have formal processes to identify, prioritise, and review higher-risk ML/TF concerns before a suspicion arises.
3. Ensure that such concerns of higher ML/TF risk are reviewed promptly.

• Any higher ML/TF risk concerns that cannot be reviewed promptly must be escalated to senior management or an equivalent oversight body to ensure that appropriate ML/TF risk-mitigation measures are applied.

2. Time-Bound STR Filing Requirements:
3. A CMI must ensure its internal review to determine whether an STR is warranted is completed without undue delay. An STR must be filed no later than five business days after a suspicion is first established, unless exceptional circumstances apply.
4. For cases involving sanctioned parties or persons acting on their behalf, the STR must be filed as soon as possible and no later than one business day after the suspicion is first identified.
5. Supplementary STRs for further suspicions:
6. After an STR has been filed, if further suspicion arises concerning the customer or any of their transactions, the CMI must assess whether a supplementary or additional STR should be submitted.

This ensures that new information is promptly reported and that the institution maintains continuous vigilance over existing relationships.

Compliance Governance

• The responsibilities of the AML/CFT Compliance Officer should include reporting to senior management on the outcomes of reviews conducted on the CMI’s compliance with the Notice, Guidelines, the FSM Sanctions Regulations, and the institution’s risk assessment procedures.

Conclusion 

These 2025 updates reinforce MAS’s continued focus on strengthening Singapore’s AML/CFT and PF framework. Financial institutions are encouraged to review their internal policies, procedures, and controls to ensure full alignment with the revised requirements by 1 July 2025.