Statute Details
- Title: Payment Services Act 2019
- Act Code: PSA2019
- Type: Act of Parliament
- Long Title (summary): Licensing and regulation of payment service providers; oversight of payment systems; consequential amendments to other Acts
- Commencement: Not specified in the provided extract (practitioners should confirm the commencement date in the official version)
- Current version status: “Current version as at 27 Mar 2026” (per provided extract)
- Key structural parts: Part 1 (Preliminary); Part 2 (Licensing and conduct of business); Part 3 (Payment systems); Part 4 (Inspection) and Part 4A (Investigations); Part 5 (Emergency powers); Part 6 (Assistance to foreign regulatory authorities); Part 7 (Offences); Part 8 (Miscellaneous); Part 9 (Consequential amendments); Part 10 (Saving and transitional)
- Selected key provisions (from extract): s 4 (appointment of assistants); s 5–13 (licensing framework); s 14–21A (conduct and safeguarding obligations); s 22–25 (security and interoperability for major payment institutions); s 27–36 (control of controllers); s 34–36 (control of officers); s 37–40 (audit); s 41–46 (information gathering and designation of payment systems); s 47–54 (obligations and access regime); s 55–57 (voluntary transfer of business); s 72–76 (inspection and confidentiality); s 76A–76U (investigative powers); s 78–83 (emergency powers); s 84–89 (foreign assistance); s 90–96 (offences); s 101–103 (codes/guidelines and regulations)
What Is This Legislation About?
The Payment Services Act 2019 (“PSA”) establishes a comprehensive regulatory regime for payment services in Singapore. In plain terms, it requires businesses that provide “payment services” to be licensed (or otherwise fall within an exemption), and it gives the regulator—under the Act, the relevant Authority—powers to supervise those licensees and the payment systems they use or operate. The PSA is designed to manage risks such as customer harm, operational failure, fraud, and systemic risk in payment infrastructure.
The Act also regulates “designated payment systems”. These are payment systems that the Authority designates because they are important to the efficiency, competitiveness, or stability of the payment ecosystem. For designated systems, the PSA imposes additional obligations on operators and settlement institutions, including reporting, governance controls, audit requirements, and—critically—an “access regime” that can require fair and non-discriminatory access for participants.
Finally, the PSA provides enforcement tools that go beyond licensing. It includes inspection and investigation powers, emergency powers that allow the Authority to intervene if a payment entity cannot meet its obligations, and mechanisms for cooperation with foreign regulatory authorities. Together, these features make the PSA a cornerstone of Singapore’s payments regulation, including for digital payment token-related services and e-money-related activities.
What Are the Key Provisions?
1) Licensing framework and who must be licensed. Part 2 begins with the licensing requirement. Section 5 provides for licensing of payment service providers, while sections 6 and 7 address applications and variations/changes to licences. Section 8 deals with “holding out” as a licensee (a common compliance risk where a firm markets itself as licensed without proper authorisation). Section 9 prohibits solicitation, which is aimed at preventing improper or misleading recruitment/marketing practices that could undermine regulatory safeguards.
2) Ongoing licence management: fees, lapsing, suspension, and appeals. The PSA includes administrative and enforcement mechanisms. Section 10 provides for annual fees of licensees. Section 11 addresses lapsing, surrender, revocation, or suspension of a licence—important for practitioners advising on regulatory risk and continuity planning. Section 12 allows appeals to the Minister, giving a procedural route for challenging certain regulatory decisions.
3) Conduct of business: notification, information, reporting, and restrictions. The PSA imposes continuous compliance duties. Sections 14–17 cover place of business/registered office requirements, notification of certain events to the Authority, provision of information, and submission of periodic reports. These provisions are central to regulatory oversight: they create a compliance “paper trail” and enable early detection of issues.
Sections 18–21A introduce substantive operational restrictions. For example, section 18 prohibits the use of an unlicensed agent, which is critical where a licensee relies on third parties for distribution or customer onboarding. Section 19 prohibits exchanging e-money withdrawn from a payment account for Singapore currency—this targets certain arbitrage or conversion practices that could create regulatory or consumer-protection concerns. Section 20 prohibits carrying on certain businesses, preventing licensees from engaging in activities that may conflict with the payment services framework or increase risk. Section 21 references the application of section 14 of the Currency Act 1967, indicating cross-legislative coordination. Section 21A adds additional requirements for a licensee providing a digital payment token service, reflecting the PSA’s modernisation for crypto-adjacent payment services.
4) Major payment institutions: security and safeguarding; interoperability. The PSA distinguishes between different categories of payment service providers. For “major payment institutions”, sections 22–25 are particularly important. Section 22 requires security, and section 23 requires safeguarding of money received from customers. These provisions are designed to protect customer funds and reduce the risk of loss due to insolvency or mismanagement.
Sections 24 and 25 address personal payment accounts containing e-money and the Authority’s powers to ensure interoperability between payment accounts and between payment systems. Interoperability is a policy objective: it reduces fragmentation and can improve efficiency and consumer choice. Practically, these provisions may require systems integration, standardisation, and compliance with technical or operational conditions imposed by the Authority.
5) Governance controls: controllers and officers. The PSA contains “fit and proper” style governance controls through multiple divisions. Sections 27–36 focus on control of controllers of licensees, including control of shareholding (s 28), objections to existing control (s 29), directions by the Authority (s 30), information-gathering (s 31), offences/penalties and defences (s 32), and appeals (s 33). Sections 34–36 similarly address approval and removal of key officers (chief executive officer, director, or partner), with appeals to the Minister (s 36). These provisions are vital for corporate structuring, M&A diligence, and board-level compliance.
6) Audit requirements. Sections 37–40 require auditing and empower the Authority to appoint auditors (s 38). They also restrict auditors’ and employees’ right to communicate certain matters (s 39), and create offences for destroying, concealing, altering, etc., records (s 40). For practitioners, these provisions underscore that audit is not merely a statutory formality; it is part of the enforcement architecture.
7) Payment systems: designation, obligations, and access regime. Part 3 regulates payment systems. Division 1 provides information gathering powers (s 41). Division 2 allows the Authority to designate payment systems (s 42) and prohibits holding out as a designated payment system (s 43). The Authority can impose conditions or restrictions (s 44) and withdraw designation (s 45). Division 2 also includes exemptions for operators, settlement institutions, or participants where designation is intended to ensure efficiency or competitiveness (s 46).
Division 3 imposes obligations on operators and settlement institutions, including place of business/registered office (s 47), notification of certain events (s 48), periodic reporting by operators (s 49), and notification of businesses and acquisition of corporations (s 50). Division 4 introduces the access regime: the Authority may impose an access regime (s 51), vary it (s 52), or revoke it (s 53). Importantly, there is a right to apply to the General Division of the High Court in respect of the access regime (s 54), which provides judicial oversight of regulatory access decisions.
8) Voluntary transfer of business. Division 5 (ss 55–57) addresses voluntary transfer of business, including interpretation (s 55), the transfer mechanism (s 56), and approval requirements (s 57). This is relevant to corporate reorganisations involving payment system operations.
9) Inspection, investigations, and emergency powers. Part 4 provides inspection powers (s 72) and confidentiality protections for inspection reports (s 74), as well as rules on self-incrimination (s 75) and saving for advocates and solicitors (s 76). Part 4A expands enforcement with investigative powers. It includes requirements for persons to appear for examination (s 76E), examination procedures (ss 76F–76J), conditions on copies of records (s 76K), and broad powers to order production of books, provision of information, or access to data (s 76L). The Authority may enter premises without warrant (s 76M) and seek warrants to seize books (s 76N). It also provides evidential rules for use of evidence in criminal investigations and proceedings (ss 76T–76U).
Part 5 then provides emergency powers. If a “payment entity” is unable to meet obligations, the Authority can take action (s 78). For designated payment systems, emergency powers apply (s 79), including assumption of control (s 80) and other provisions concerning control (s 81). Directors and officers have responsibilities (s 82), and the Act addresses remuneration and expenses in certain cases (s 83). These provisions are critical for contingency planning and crisis governance.
10) Offences and penalties. Part 7 creates offences by corporations (s 90), unincorporated associations/partnerships (s 91), and officers (s 92). It also includes offences relating to falsification of records by officers (s 93) and a general duty to use reasonable care not to provide false information to the Authority (s 94). Practitioners should treat record-keeping and information accuracy as high-risk compliance areas.
How Is This Legislation Structured?
The PSA is structured in a logical regulatory sequence: it starts with preliminary matters (Part 1), then moves to licensing and conduct obligations (Part 2). It separately addresses payment systems (Part 3), recognising that system-level risks require different tools than provider-level licensing. Enforcement powers are then provided through inspection (Part 4) and investigations (Part 4A), followed by emergency intervention powers (Part 5). The Act also includes cross-border cooperation (Part 6), then offences and miscellaneous provisions (Parts 7 and 8). Finally, it contains consequential amendments (Part 9) and saving/transitional provisions (Part 10) to manage continuity for existing regulated entities.
Who Does This Legislation Apply To?
The PSA applies to “payment service providers” that provide regulated payment services in Singapore, including entities that may be licensed as payment service providers or that qualify for exemptions. It also applies to operators and settlement institutions of “designated payment systems”, and to participants within those systems where relevant to the access regime and related obligations.
In addition, the PSA applies to persons connected to licensees and operators—such as controllers (shareholding/control arrangements) and officers (key management roles). The governance and enforcement provisions mean that compliance is not limited to corporate entities; it extends to individuals who hold or influence control, and to auditors and other professionals involved in compliance and reporting.
Why Is This Legislation Important?
The PSA is important because it provides the legal foundation for Singapore’s regulated payments environment. For practitioners, it is not only a licensing statute; it is a full-spectrum regulatory framework covering customer protection (through safeguarding and security), market integrity (through restrictions on business conduct and agent use), and systemic stability (through payment system designation and access regimes).
From an enforcement perspective, the PSA’s inspection and investigative powers, combined with emergency powers, mean that compliance failures can escalate quickly. The Authority’s ability to obtain information, require production of books and access to data, and use evidence in criminal proceedings increases the stakes for record-keeping, governance, and internal controls.
Commercially, the PSA affects structuring and transactions. Governance controls over controllers and officers influence M&A diligence, shareholder changes, and board appointments. Interoperability powers and access regimes can also affect product design and technical integration strategies for payment system participants.
Related Legislation
- Banking Act 1970
- Business Names Registration Act 2014
- Companies Act 1967
- Currency Act 1967
- Financial Holding Companies Act 2013 (as referenced in consequential amendments)
- Criminal Procedure Code 2010 (referenced in evidential use provisions within investigations)
Source Documents
This article provides an overview of the Payment Services Act 2019 for legal research and educational purposes. It does not constitute legal advice. Readers should consult the official text for authoritative provisions.