Singapore

MAS releases Joint Statement of Intent on Data Connectivity with BSP

In recognition of the importance of data connectivity in financial services, Bangko Sentral ng Pilipinas (BSP) and The Monetary Authority of Singapore (MAS) have agreed on and jointly issue a statement of intent.

BSP and MAS have said they recognise that the ability to aggregate, store, process, and transmit data across borders is critical to the development of the financial sector, as stated in a press release. The expanding use of data in financial services and the increasing use of technology to supply financial services offer a range of benefits, including greater consumer choice, enhanced risk management capabilities, and increased efficiency. These developments also pose new and complex risks for markets and challenges for policymakers and regulators. BSP and MAS are committed to working together and with other countries and authorities to promote an environment in financial services that fosters the development of the global economy.

Promotion of data connectivity

Data localisation requirements can increase cybersecurity and other operational risks, hinder risk management and compliance, and inhibit financial regulatory and supervisory access to data. Data mobility in financial services supports economic growth and the development of innovative financial services, and benefits risk management and compliance programs, by, amongst others, making it easier to detect cross-border money laundering, terrorist financing patterns, and proliferation financing; defend against cyberattacks; and manage and assess risk on a global basis.

Based on this shared understanding, the BSP and MAS intend to promote the adoption and implementation of policies and rules that facilitate the following goals with respect to the operation of banks and non-bank financial institutions falling within the jurisdiction of either BSP or MAS (“covered institutions”):

  • Covered institutions should be allowed to transfer data, including personal information, across borders by electronic means provided this activity is for the conduct of the business within the scope of their license, authorisation, or registration.
  • The location where covered institutions can store and process their data should not be restricted as long as BSP and MAS have full and timely access to the data necessary to fulfil their regulatory and supervisory mandate.
  • If BSP or MAS is unable to access the data as described in paragraph 2.2(b) above, covered institutions should have the opportunity to remediate such lack of access before being required to use or locate computing facilities locally.

BSP and MAS also intend to, as appropriate, encourage other authorities to adopt policies and rules which facilitate the goals set out above.

Information sharing

BSP and MAS also intend to share information on developments related to the adoption and implementation of the policies and rules referred to above.