Singapore Crypto Regulation 2026: MAS Framework Explained
🇸🇬 Singapore · Crypto Regulation
Singapore Crypto Regulation 2026: MAS Framework Explained
Singapore remains one of the most crypto-friendly regulated jurisdictions globally — but “friendly” does not mean permissive. The MAS framework has tightened significantly since 2022. This is the complete 2026 guide for crypto businesses seeking to operate in or from Singapore.
📋 5 sections · ~8 min read
MAS · PSA · DPT · Stablecoins
Updated April 2026
📋 In This Guide
5 sections · ~8 min read
1
Singapore’s crypto regulatory structure
MAS, PSA, the DPT licence, and how they fit together
2
Who needs a DPT licence
Exchanges, OTC desks, custodians, and the exemptions
3
MAS licence requirements in 2026
Capital, AML/KYC, consumer protection, tech risk
4
Singapore stablecoin framework
SCS regime, reserve requirements, and who it covers
5
Singapore vs other APAC and global hubs
How it compares to Hong Kong, UAE, and EU for crypto businesses
🏛️ Section 1
Singapore’s Crypto Regulatory Structure
Singapore’s approach to crypto regulation is comprehensive, activity-based, and enforced by the Monetary Authority of Singapore (MAS). Unlike some jurisdictions that have adopted a single crypto-specific law, Singapore regulates crypto activities primarily through the Payment Services Act (PSA) — which was significantly amended in 2022 and further updated for stablecoins in 2023. Understanding the structure is the starting point for any compliance assessment.
The Singapore crypto regulatory map
As of April 2026
1
Payment Services Act (PSA) — primary framework Core law
The PSA governs payment services in Singapore, including Digital Payment Token (DPT) services — MAS’s term for cryptocurrency exchange, transfer, and custody services. Amended by the Payment Services (Amendment) Act 2021, the PSA now covers a broader range of DPT activities and imposes more stringent requirements. All crypto businesses providing DPT services in or from Singapore must hold a licence under the PSA unless an exemption applies.
2
Securities and Futures Act (SFA) — for digital securities Token classification
If a digital token constitutes a capital markets product — a security, unit in a collective investment scheme, or derivative — it is regulated under the Securities and Futures Act, not the PSA. Token classification is the first step in any Singapore crypto compliance analysis. Tokens that are securities require a Capital Markets Services (CMS) licence for dealing, advising, and fund management activities. MAS applies a substance-over-form test to token classification.
3
Stablecoin framework — standalone regime since 2023 Since August 2023
MAS introduced a standalone stablecoin regulatory framework in August 2023, covering Single-Currency Stablecoins (SCS) pegged to the Singapore Dollar or G10 currencies. Issuers of regulated stablecoins must be incorporated in Singapore, hold reserve assets meeting specific standards, and disclose reserve composition. This framework is separate from the DPT licence and applies specifically to stablecoin issuers — not to exchanges that list stablecoins.
📋 Section 2
Who Needs a DPT Licence
The PSA requires a licence for providing any of the seven categories of payment services — including DPT services. Under the PSA amendments effective from April 2024, the definition of DPT services was expanded, and the licence categories were restructured. Understanding whether your activity requires a licence — and which type — is the first compliance question for any crypto business considering Singapore.
🏦
Major Payment Institution (MPI)
For larger operations
Full licence
Required if DPT transaction volumes exceed SGD 3 million in a calendar month, or if the business holds customer funds or digital tokens in custody. The MPI licence is the standard licence for crypto exchanges, OTC desks, and custodians operating at scale in Singapore. It carries the most comprehensive requirements — capital, AML/KYC, consumer protection, and technology risk management.
→Min. base capital: SGD 250,000
→Timeline: 6–18 months from application to licence
🏪
Standard Payment Institution (SPI)
For smaller operations
Limited licence
Available if DPT transaction volumes remain below SGD 3 million per month and no customer funds or tokens are held in custody. Lower capital and compliance requirements than MPI, but the transaction volume cap limits its utility for businesses seeking to grow. Most early-stage crypto businesses targeting Singapore start with SPI and upgrade to MPI as volume grows.
→Min. base capital: SGD 100,000
→Volume cap: SGD 3M per month per DPT service
🚫
No licence required
Exempt activities
Check carefully
Not all crypto activities require a PSA licence. Activities that do not constitute DPT services under the PSA include: proprietary trading for own account only (not customer funds), DeFi protocol development without custody, and pure software/infrastructure provision without facilitating transactions. However, the boundaries are not always clear and have changed with the 2021 and 2024 amendments.
→Exemptions are narrow — get a formal legal opinion before relying on one
→MAS enforcement has targeted businesses claiming exemptions incorrectly
⚠️
Operating without a licence
Providing DPT services in Singapore without a PSA licence is a criminal offence under Section 5 of the PSA. Penalties include fines up to SGD 500,000 and/or imprisonment up to 3 years for individuals. MAS has demonstrated willingness to prosecute. Do not rely on informal advice that your activity is exempt — obtain a formal legal opinion.
📋 Section 3
MAS Licence Requirements in 2026
MAS has significantly tightened DPT licence requirements since 2022. The tightening reflects both the fallout from the FTX collapse and the broader global trend toward higher standards for crypto asset service providers. The current requirements are demanding — comparable to those for a regulated financial institution, not a fintech startup.
MPI licence requirements checklist (2026)
Not negotiable
🏢
Singapore incorporation and local presence
The applicant must be incorporated in Singapore. At least one executive director must be ordinarily resident in Singapore. MAS expects genuine operational substance — not a letterbox entity. A registered office address with staff who actually work there is required, and MAS conducts site visits during the application process.
Genuine substance required — not a letterbox
💰
Capital requirements
MPI: minimum base capital of SGD 250,000 (approximately EUR 175,000). SPI: minimum SGD 100,000. Capital must be maintained on an ongoing basis. MAS may require higher capital for businesses with larger balance sheets or higher risk profiles. Capital requirements for DPT custodians are higher due to the safeguarding obligation for customer assets.
🔍
AML/KYC and Travel Rule compliance
MAS Notice PSN02 sets out detailed AML/CFT requirements for DPT service providers — equivalent to banking-grade standards. This includes CDD for all customers, enhanced due diligence for high-risk customers, transaction monitoring, suspicious transaction reporting to the Suspicious Transaction Reporting Office (STRO), and Travel Rule compliance for transfers above SGD 1,500. MAS expects documented policies, procedures, and a compliance officer with relevant experience. For a comprehensive overview of these requirements, see our AML/KYC compliance services.
Travel Rule: transfers above SGD 1,500
🛡️
Consumer protection — retail access restrictions
Following the 2022 MAS consultation, DPT service providers are prohibited from offering DPT trading services to retail customers in Singapore unless they have passed a risk awareness assessment. Operators must assess customer knowledge and risk tolerance before allowing retail access. Credit facilities for retail DPT purchases are prohibited. These restrictions apply to locally-licensed operators — foreign platforms accessing Singapore retail customers without a licence remain in breach.
💻
Technology risk management
MAS’s Technology Risk Management (TRM) Guidelines apply to DPT service providers. These require robust IT security, incident response planning, penetration testing, and board-level oversight of technology risk. For custodians and exchanges, the guidelines address cold storage requirements, key management procedures, and cyber incident reporting obligations. MAS expects documented evidence of compliance — not just a policy document.
💱 Section 4
Singapore Stablecoin Framework
Singapore’s stablecoin framework, effective August 2023, is one of the most detailed stablecoin-specific regulatory regimes globally. It covers Single-Currency Stablecoins (SCS) pegged to the Singapore Dollar or any G10 currency, issued in Singapore. The framework is significant not just for Singapore-based issuers but as a reference point for the global stablecoin regulatory conversation.
Who it covers
SCS issuer requirements
→Must be incorporated in Singapore
→Must hold a Major Payment Institution licence with DPT and e-money services
→Minimum base capital: SGD 1 million
→Covers SGD-pegged and G10 currency-pegged stablecoins issued in Singapore
Reserve requirements
What backs the stablecoin
→Reserves must equal or exceed outstanding stablecoin value at all times
→Permitted reserve assets: cash, cash equivalents, and short-term government securities
→Daily reserve reporting to MAS required
→Redemption at par value within 5 business days — guaranteed
MAS-regulated label
The stablecoin quality mark
Compliant SCS issuers can label their stablecoins as “MAS-regulated stablecoins” — a quality mark intended to distinguish regulated Singapore stablecoins from unregulated alternatives. This label requires MAS approval and is significant for institutional adoption. Stablecoins that do not meet the SCS requirements cannot use this label, and MAS has indicated it will take action against issuers who misuse it.
🌍 Section 5
Singapore vs Other Hubs: The 2026 Comparison
For crypto businesses choosing a jurisdiction for incorporation, licensing, and operations, Singapore competes primarily with Hong Kong, UAE (ADGM/VARA), and — for European operations — EU jurisdictions. The choice depends on target markets, business model, and the regulatory relationship the business wants with its home regulator.
Greater China market access, retail exchanges, securities token offerings
MENA-focused exchanges, faster licensing, digital asset funds (ADGM)
💡
The Singapore verdict for 2026
Singapore is the right jurisdiction for crypto businesses that want a credible, well-established regulated status recognised by institutional counterparties — and are willing to invest the time and substance to get it. The MAS licence is hard to obtain and expensive to maintain, but it carries real institutional weight globally. Businesses seeking faster licensing timelines or lower capital requirements should look at UAE (VARA or ADGM) or Hong Kong. For businesses specifically targeting the EU market, a Singapore licence does not substitute for an EU VASP/CASP licence under MiCA. See our crypto licensing services for a full jurisdiction comparison.
Singapore MAS Licence Application Support
WCR Legal advises crypto businesses on Singapore MAS licence applications, DPT regulatory analysis, AML/KYC programme preparation, and stablecoin framework compliance. We have experience with both MPI and SPI applications across exchange, OTC, and custody business models.
No commitment required · Confidential initial consultation · Response within 1 business day
Frequently Asked Questions
No — to obtain a PSA licence for DPT services, the applicant must be incorporated in Singapore. A foreign company cannot hold a Singapore PSA licence directly. Foreign companies serving Singapore customers without a locally incorporated and licensed entity are in breach of the PSA if their activities constitute DPT services. MAS has taken action against foreign platforms marketing to Singapore residents without a licence.
MAS does not publish a fixed timeline, but well-prepared applications for an MPI licence typically take 9–18 months from submission to licence grant. MAS conducts a thorough assessment of the applicant’s business model, fit and proper checks on key persons, AML/CFT programme, technology risk management, and financial resources. Poor preparation — incomplete documentation, inadequate AML policies, or questions about key persons — significantly extends the timeline. Pre-application engagement with MAS to discuss the proposed business model is strongly recommended before formal submission.
No. MiCA does not have a third-country equivalence or passporting regime — a Singapore MAS licence does not provide any right to operate in the EU under MiCA. Crypto asset service providers that want to serve EU clients (particularly retail clients) need a separate EU CASP licence. There is no exemption for Singapore-licensed operators. If your business model requires both APAC and EU access, you need separate licences in each jurisdiction. For EU licensing options see our MiCA EU crypto licence guide.
For businesses targeting institutional clients, Asian markets, and stablecoin operations, yes — Singapore remains one of the most credible crypto licences globally. The MAS licence is recognised by institutional counterparties, international banks, and corporate treasury programmes in a way that many other crypto licences are not. For businesses primarily targeting retail clients, the consumer protection restrictions make Singapore less attractive than Hong Kong or UAE. The right answer depends on your business model, target market, and the regulatory relationship you want with your home regulator.
Oleg Prosin is the Managing Partner at WCR Legal, focusing on international business structuring, regulatory frameworks for FinTech companies, digital assets, and licensing regimes across various jurisdictions. Works with founders and investment firms on compliance, operating models, and cross-border expansion strategies.
Post Comment