Statute Details
- Title: Private Security Industry (Security Service Providers) Regulations 2009
- Act Code: PSIA2007-S168-2009
- Type: Subsidiary Legislation (SL)
- Enacting Authority: Made by the Minister for Home Affairs under section 39 of the Private Security Industry Act (Cap. 250A)
- Citation: SL 168/2009
- Commencement: 27 April 2009
- Status: Current version as at 27 March 2026
- Key Provisions (from extract): Regulation 2 (electronic application), Regulation 4 (licence fee), Regulation 5 (approval to change security service types), Regulation 6 (notification of changes in particulars), Regulation 8 (notification of changes in directors/partners and persons with substantial interest/control), Regulation 9 (request for information), Regulation 11 (malfunction/failure of electronic service), Regulation 13 (false statements, etc.), Regulation 14 (photographs and fingerprints), Regulation 15 (offences)
- Amendment History (highlights): Amended by S 632/2010 (1 Nov 2010); S 438/2022 (1 Jun 2022); S 589/2025 (31 Dec 2021 and 15 Sep 2025—multiple effective dates)
What Is This Legislation About?
The Private Security Industry (Security Service Providers) Regulations 2009 (“PSIA Regulations”) sets out the regulatory mechanics for licensing security service providers in Singapore under the Private Security Industry Act (Cap. 250A). In practical terms, it tells licensed security service providers what they must do to maintain their licence, how they must report changes, and what information and biometric materials may be required by the licensing authority.
While the Private Security Industry Act establishes the overall licensing framework, the Regulations focus on operational compliance. They impose procedural duties—especially around electronic filing, timely notifications, and cooperation with licensing officers. They also create enforcement hooks: the licensing officer can request information, require photographs and fingerprints, and offences are created for non-compliance.
For practitioners, the Regulations are particularly important because they translate licensing obligations into concrete timelines (commonly 14 days), specify when prior approval is needed (for changes in the types of security services), and provide for “deemed notification” where information is already furnished to other government registries (e.g., the Accounting and Corporate Regulatory Authority (ACRA) under the Companies Act or the Limited Liability Partnerships Act).
What Are the Key Provisions?
Electronic licensing processes (Regulations 2 and 11). Regulation 2 requires that applications for a security service provider’s licence must be made using the electronic service provided by the licensing officer. This is a compliance-critical point: failure to use the prescribed electronic channel can create procedural defects. Regulation 11 addresses what happens if the electronic service malfunctions or fails. In such circumstances, the licensing officer may determine the form and manner for applications, approvals, and notifications. For counsel, this means that in a systems outage scenario, the “default” electronic requirement may be temporarily replaced by alternative procedures directed by the licensing officer.
Licence fee (Regulation 4). Regulation 4 fixes the fee payable for a security service provider’s licence at $126 (as reflected in the extract). Although seemingly straightforward, fee provisions can affect budgeting, licence renewal planning, and the timing of applications. Where amendments alter fees, practitioners should verify the current fee amount in the latest version.
Prior approval for changes in the types of security services (Regulation 5). Regulation 5 is one of the most important substantive compliance provisions. It prohibits a licensed security service provider from, without first obtaining the licensing officer’s written approval, (a) engaging in the provision of any type of security service in addition to the types the provider is licensed (or approved) to provide, or (b) changing the types of security services it is licensed (or approved) to provide. This is a classic “scope of licence” control: the licence is not a blanket permission to expand services freely. Practically, if a provider intends to add a new security service category, it must obtain written approval before doing so.
Timely notification of changes in particulars (Regulation 6). Regulation 6 requires a licensed security service provider to inform the licensing officer in writing of any change in particulars declared in the licence application, within 14 days after the change takes place. There is an important carve-out for residential address changes: where the provider reports the change under section 10 of the National Registration Act 1965 within 14 days, the provider is deemed to have informed the licensing officer in compliance with Regulation 6(1) “so far as that paragraph applies to residential addresses.” This reduces duplication and creates a clear compliance pathway for address updates.
Notification of changes involving directors, partners, and persons with substantial interest/control (Regulation 8). Regulation 8 is detailed and is often where compliance risk concentrates. It distinguishes between different corporate forms (company vs limited liability partnership) and different categories of persons whose changes must be reported.
For companies, Regulation 8(1) and (2) require notification of changes in directors’ particulars declared in the licence application within 14 days, using the electronic service. However, if the provider is required under section 173A of the Companies Act 1967 to furnish the Registrar with the relevant information, and the information is furnished within 14 days, the provider is deemed to have notified the licensing officer in compliance. This “deemed notification” mechanism is significant: it allows providers to rely on statutory corporate filing processes rather than duplicating separate notifications, provided timing and statutory triggers are met.
For limited liability partnerships, Regulation 8(3) and (4) similarly require notification of changes in partners’ particulars within 14 days, again with deemed notification if the provider lodges the required statement with the Registrar under section 34 of the Limited Liability Partnerships Act 2005 within the same timeframe.
Regulation 8(5) then expands the duty beyond formal officeholders. It requires notification within 14 days where there is a change in the identity or particulars of any person having substantial interest in, or control or direction over, the business of the licensed security service provider. Regulation 8(6) provides an exception: this paragraph does not apply where the person with substantial interest/control is already a director or partner of the company/LLP. Regulation 8(7) and (8) again provide deemed notification where information is lodged with the Registrar under specified Companies Act and LLP Act provisions within 14 days.
Request for information (Regulation 9). Regulation 9 empowers the licensing officer to require, by written notice, that a licensed security service provider furnish information—about the provider’s business or employees—within 14 days from the notice date. This is a broad investigative/compliance power. Practitioners should advise clients to maintain internal records that can be produced quickly, including employee rosters, training records, and any relevant business information the licensing officer might reasonably request.
Photographs and fingerprints (Regulation 14). Regulation 14 authorises the licensing officer to require the taking and recording of photographs and fingerprints. Although the extract truncates the remainder of Regulation 14, the key point is that biometric capture can be demanded as part of licensing administration. From a legal risk perspective, providers should ensure they have procedures to comply promptly with such requirements and to manage consent, data handling, and access controls consistent with applicable privacy and data protection obligations.
False statements and offences (Regulations 13 and 15). The extract indicates Regulation 13 addresses false statements, etc., and Regulation 15 creates offences. Even where the text is not fully reproduced in the extract, the structure is typical: false or misleading information provided to the licensing officer, or failure to comply with specified duties (notifications, approvals, biometric requirements, or information requests), can attract criminal or regulatory penalties. Practitioners should treat these provisions as high-risk: compliance failures may be framed not only as administrative breaches but also as offences.
How Is This Legislation Structured?
The PSIA Regulations are organised into a short set of operational regulations followed by a schedule (which is indicated as “repealed” in the extract). The main regulations can be grouped as follows:
(1) Citation and licensing mechanics: Regulation 1 (citation and commencement) and Regulation 2 (electronic application).
(2) Financial and scope controls: Regulation 4 (licence fee) and Regulation 5 (prior approval for changes in types of security services).
(3) Ongoing compliance and reporting: Regulation 6 (changes in particulars), Regulation 8 (changes in directors/partners and persons with substantial interest/control), and Regulation 9 (request for information).
(4) Contingencies and enforcement: Regulation 11 (malfunction/failure of electronic service), Regulation 13 (false statements), Regulation 14 (photographs and fingerprints), and Regulation 15 (offences).
Who Does This Legislation Apply To?
The Regulations apply to “licensed security service providers”—that is, entities that hold a security service provider’s licence under the Private Security Industry Act. The compliance duties are therefore directed at the licensed provider as the regulated entity, not directly at individual security officers (though employees are relevant for information requests and biometric requirements).
Regulation 8 makes clear that the provider’s internal governance structure matters. The duties extend to changes in directors (for companies), partners (for LLPs), and persons with substantial interest or control/direction over the business. Accordingly, the Regulations affect corporate and LLP governance and require coordination between compliance teams, corporate secretarial functions, and licensing officers.
Why Is This Legislation Important?
First, the Regulations operationalise the licensing regime. A security service provider’s licence is not static; it must be maintained through timely reporting and controlled expansion of service scope. Regulation 5’s prior approval requirement is especially important for business development: providers cannot assume that adding a new service category is permissible without formal approval.
Second, the Regulations create clear timelines—most notably the recurring 14-day period. This is practical for compliance management systems. A provider that implements a “change notification” workflow (triggered by corporate filings, internal approvals, or HR events) can reduce the risk of late reporting and potential offences.
Third, the licensing officer’s powers under Regulation 9 (information requests) and Regulation 14 (photographs and fingerprints) mean providers must be prepared for ongoing regulatory engagement. In enforcement terms, non-cooperation or delays can have serious consequences, particularly where false statements or failures to comply are criminalised under Regulation 13 and Regulation 15.
Related Legislation
- Private Security Industry Act (Cap. 250A)
- Companies Act 1967
- Limited Liability Partnerships Act 2005
- National Registration Act 1965
- Data protection and privacy framework (relevant to biometric handling, including photographs and fingerprints)
Source Documents
This article provides an overview of the Private Security Industry (Security Service Providers) Regulations 2009 for legal research and educational purposes. It does not constitute legal advice. Readers should consult the official text for authoritative provisions.