The Financial Services and Markets (Amendment) Bill was recently published on Singapore Statutes Online, the online platform of the Singapore government to publicize legal documents. The Bill modifies the Financial Services and Markets Act 2022 and the Corruption, Drug Trafficking and Other Serious Crimes (Confiscation of Benefits) Act 1992 to establish the legal framework for the implementation of the new digital platform called COSMIC, which is an abbreviation of „Collaborative Sharing of ML/TF Information & Cases”. COSMIC brings together financial institutions and allows the sharing of information among participants on „customers that exhibit multiple red flags indicative of potential illicit activities“.
The Bill therefore establishes the legal framework which shall govern the operation of COSMIC. In an accompanying Explanatory Briefing, the Monetary Authority of Singapore (MAS) states that in the initial phase, the six major commercial banks in Singapore – the DBS, OCBC, UOB, SCB, Citibank, and HSBC – will jointly develop the information-sharing framework with a particular focus on
– preventing market abuse from the use of shell companies;
– preventing the misuse of funds intended for trade financing; and
– preventing proliferation financing.
Some information sharing will be mandatory, while others will be up to the institutions. In the future, MAS plans to expand COSMIC to include further financial institutions and further areas of focus.
In the now published Financial Services and Markets (Amendment) Bill, modifications to above noted Acts are made to
1. permit the sharing of information only for the purpose of mitigating money laundering, the financing of terrorism, and proliferation financing risks. Financial institutions may not share any information on customers whose transactions do NOT indicate any illicit behavior. Additionally, the sharing of mandatory „shared information“ must take place, irrespective of any other laws, contracts, or negotiations of and with other parties.
2. permit the sharing of information only via COSMIC. Other disclosures of such information is strongly prohibited, with a few specified exemptions (e.g. for regulatory supervision). Furthermore, institutions are obliged to develop policies and procedures to safeguard against the unauthorized „use and disclosure of information“ which includes the implementation of adequate cyber security controls.
3. protect institutions against civil liabilities with respect to the disclosures made on COSMIC. Institutions will not have to fear civil suits as a consequence of their information sharing on COSMIC so long as they act with „reasonable care and in good faith, and in accordance with the disclosure thresholds“.
4. permit necessary adjustments to COSMIC and access to information for supervisory purposes. In this context, both MAS and the STRO, Singapore’s Financial Intelligence Unit, will be permitted direct access to the information on COSMIC for supervisory purposes, particularly to ensure that the involved financial institutions are compliant with the rules and regulations in this Bill and to enable the regulators to follow up on identified illicit transactions.