Case: CIMB Bank Bhd v World Fuel Services (Singapore) Pte Ltd [2020] SGHC 117 – Claim failed for inability to prove document was authentic

Significance: The Singapore High Court dismissed the bank’s claim to enforce a Deed of Debenture as the bank failed to prove that the debenture was authentic. The bank failed to call as witnesses the persons who signed the debenture, choosing instead to rely on other factual witnesses (not expert witnesses) to give evidence on the signatories’ signatures.

Continue reading “Case: CIMB Bank Bhd v World Fuel Services (Singapore) Pte Ltd [2020] SGHC 117 – Claim failed for inability to prove document was authentic”

6 Ways Businesses Can Maximise Their Downtime During COVID-19 Season

By Ronald JJ Wong and Nee Yingxin

If your business is experiencing a slow-down because of Circuit Breaker and social distancing measures during this COVID-19 season 19, now is the best time to repair legal foundations, review internal systems, and position your business for when things pick up again.

Here are 6 key areas you should review.

Continue reading “6 Ways Businesses Can Maximise Their Downtime During COVID-19 Season”

Legislation Update: COVID-19 (Temporary Measures) Act 2020

Photo by cottonbro from Pexels

Summary

If your business has been affected by COVID-19, consider if you may seek temporary relief under the new law or object to another party relying on such relief.

First, determine if your contract falls within the Scheduled Contracts.

Second, analyse or get legal advice on whether the inability to perform obligations is to a material extent due to a COVID-19 event.

Third, if you are the defaulting party, serve a notification for relief. If you are the non-defaulting party, consider whether to apply to the assessor for determination if such relief is entitled.

Fourth, if you have ongoing legal proceedings or action or arbitral proceedings, consider if you are barred from continuing further steps.

If your organization requires the conduct of meetings e.g. Annual General Meetings, take note of alternative arrangements for the conduct of meetings which would be compliant with circuit breaker and other measures.

If you are a property owner or tenant, consider if you may be required or entitled to pass or receive the benefits of property tax reductions.

Continue reading “Legislation Update: COVID-19 (Temporary Measures) Act 2020”

Case Update: Cybersquatting, Contracts, Illegality & Public Policy: 3 Corporate Services Pte Ltd v Grabtaxi Holdings Pte Ltd [2020] SGHC 17

A commentary on 3 Corporate Services Pte Ltd v Grabtaxi Holdings Pte Ltd [2020] SGHC 17

By Ronald JJ Wong & Arthur Chin


Photo by Hitarth Jadhav from Pexels

Outline

I. Executive Summary
II. Material Facts
III. Issues before the Court
A. The Enforceability Issue
B. The Relief Issue
C. The Public Policy Issue
IV. Comment

I. Executive Summary

1.     In the recent case of 3 Corporate Services Pte Ltd v Grabtaxi Holdings Pte Ltd [2020] SGHC 17 (“Grabtaxi Holdings”), Lai Siu Chiu SJ addressed, among other things, a novel question: whether cybersquatting or abusive registration of domain names is a recognisable head of public policy which can render contracts that run contrary to this policy non-enforceable.

2.     Though cybersquatting is not illegal under Singapore law, Lai SJ in this decision opined that the extensive and pervasive use of Internet has rendered the need for the Singapore courts to step in and ensure that the rights of legitimate trademark owners are well protected.

3.     At the outset, we note that the case was decided on the issue of whether the offer letter in dispute was a valid and enforceable agreement. Therefore, the court’s findings on cybersquatting is obiter dicta.

II. Material Facts

4.     Ho Qiyang Mark (“Mark”) is the sole shareholder and director of the plaintiff, 3 Corporate Services Pte Ltd (“3 Corporate”). 3 Corporate sued Grabtaxi Holdings Pte Ltd (“Grabtaxi”) for specific performance and/or damages, alleging that Grabtaxi had reneged on an agreement to buy over a domain name “grab.co.id” (“the Domain Name”) from 3 Corporate for US$250,000.00.

5.     In July 2017, one Priscilla, a friend of Grabtaxi’s CEO Anthony Tan (“Anthony”) informed Anthony that 3 Corporate owned the Domain Name and that this domain could be of interest to Grabtaxi. Grabtaxi then entered into negotiations with 3 Corporate to purchase the Domain Name. In the course of negotiations, Mark allegedly represented to Grabtaxi that an Indonesian company called PT Rajwali (“Rajwali”), which has a substantial interest in Go Jek and a separate taxi business called Rajwali Express, would be keen to purchase the Domain Name from 3 Corporate in a bid to resell it to Grabtaxi at a higher price.

6.     Subsequently, Grabtaxi prepared a letter of offer (“the Offer Letter”) addressed to 3 Corporate stating the terms and conditions for the purchase of the Domain Name. Although the letter was addressed to 3 Corporate, it was signed by one Ashwyn Denzil (“Ashwyn”), whom Mark represented as an employee of Top3 Media Pte Ltd (“Top3”), which Mark is a 50% shareholder of.

7.     It later transpired that 3 Corporate also controls other domain names, such as “www.grab.com.sg”, “www.grab.com.vn” and “www.grab.ph”. 3 Corporate and/or Top3 have also registered more than 1,000 domain names similar and/or identical to other well-known brands. Grabtaxi felt that Mark’s dealings raised too many questions and so decided against proceeding with the sale and purchase agreement with 3 Corporate.

III. Issues before the Court

8.     3 Corporate alleged that Grabtaxi had wrongfully repudiated the agreement reached between the parties through the Offer Letter. Thus, it claimed specific performance from Grabtaxi of the agreement incorporated in the Offer Letter, and in the alternative, damages.

9.     Consequently, there were three (3) issues for the court’s determination (at [114]):

(a)     Whether the Offer Letter is a valid and enforceable agreement (“the Enforceability Issue”);

(b)     If the Offer Letter is valid and enforceable, what loss has the plaintiff suffered so as to be entitled to damages and if the plaintiff can be awarded specific performance in lieu of damages (“the Relief Issue”); and

(c)     Whether 3 Corporate is a cybersquatter and if so, whether the Offer Letter is non-enforceable as being contrary to public policy (“the Public Policy Issue”).

A. The Enforceability Issue

10.     The court held that the Offer Letter is not a valid and enforceable agreement as against Grabtaxi. The court found at [126] that although the Offer Letter was addressed to 3 Corporate, it was only signed by Ashwyn, who was not an employee, shareholder or director of 3 Corporate.

11.     The court also found at [127] that the Domain Name is at all material times registered under Ashwyn’s name; there was no declaration of trust from Ashwyn that the Domain Name was to be held on behalf of Mark or 3 Corporate; and there was also no director’s resolution from 3 Corporate authorising Ashwyn to execute the Offer Letter on its behalf. Thus, the Offer Letter was not enforceable by the plaintiff.

B. The Relief Issue

12.     It is trite that in determining whether to grant any equitable remedy, the court will consider the clean hands doctrine. The court found that neither 3 Corporate nor Mark, as the sole shareholder and director, came before the court with clean hands.

13.     In coming to this conclusion, the court found at [131]-[133] that:

(a)     Mark had not been truthful to Grabtaxi in the course of negotiations – he had represented to Grabtaxi, through Priscilla, that he was in negotiations with Rajwali and was close to a deal when in actual fact the letter of intent from Rajwali was made well after the Offer Letter to Grabtaxi;

(b)     Mark’s conduct was questionable – his brother and his brother’s wife had registered 1,233 domain names through 3 Corporate and its related companies. In this respect, the court made reference to an online article Ashwyn adduced in evidence which distinguished domain name investing (which was purported to be the practice of buying and selling non-trademarked domain names) from cybersquatting (which purportedly involved the purchasing of domains for trademarked names or variations of the same); and

(c)     Mark, his brother, and his brother’s wife had registered the domain names in the hope that they could then flip them to buyers for handsome returns.

14.     The court also found at [134] that 3 Corporate had not proved that it has suffered any loss. Further, since 3 Corporate does not actually own the Domain Name, it is not entitled to recover the sale price of US$250,000.00 even if the Offer Letter is enforceable.

C. The Public Policy Issue

15.     On the Public Policy Issue, the court held at [135] that 3 Corporate is a cybersquatter because it had engaged in “the deliberate, bad faith abusive registration of domain names in violation of rights in trademarks and service marks”.

16.     As there is neither a statutory definition of cybersquatting in Singapore nor a universal definition (at [102]), the court considered several English cases on passing off and trademark infringement involving cybersquatting.

17.     At [136], the court considered Global Projects Management Ltd v Citigroup Inc and others [2005] EWHC 2663 (Ch) (“Global Projects”) where the English court described the phenomenon of cybersquatting at [12] in the following terms:

“Persons with no connection with a well-known business name would find some permutation containing the name and a suffix, but where that particular permutation had not been registered by the real owner of the business. The person concerned would then register that permutation himself and try to make money through being bought out by the true owner.”

18.     The court considered at [138] the English High Court decision of Marks & Spencer v One In A Million [1997] 42 IPR 21 (“Marks & Spencer”) where the court granted injunctive relief against the defendants for registering numerous domain names and then attempting to sell the rights to these names for large sums of money to the companies concerned.

19.     The court further considered at [139] British Telecommunications plc v One In A Million [1999] 1 WLR 903 (“BT”) where the court granted the plaintiffs injunction to restrain the defendants’ use of the relevant domain names on the basis of passing off and breach of the plaintiffs’ registered trademarks. Likewise, the defendants specialised in registering domain names incorporating well-known names and trademarks. The plaintiffs were large companies whose household names had been registered and offered for sale by the defendants.

20.     Lai SJ found at [140] that 3 Corporate’s conduct in registering domains such as “ubereats.com.sg”, “gooogle.com.sg” and “amyswinehouse.com.sg” would fall within the meaning of cybersquatting as set out in Global Projects, and was the kind of conduct that has been frowned upon by the English Courts in Marks & Spencer and BT.

21.     Lai SJ also considered at [102] and [141] the Final Report of the WIPO Internet Domain Name Process titled “The Management of Internet Names and Addresses: Intellectual Property Issues” dated 30 April 1999 (“the WIPO Final Report”).

22.     At paragraph 170 of the WIPO Final Report, the Committee said:[1]

“… . In popular terms, “cybersquatting” is the term most frequently used to describe the deliberate, bad faith abusive registration of a domain name in violation of rights in trademarks and service marks. …”

23.     Moreover, the WIPO Final Report states that the registration of a domain name shall be considered to be abusive when all of the following conditions are met:[2]

(a)     The domain name is identical or misleadingly similar to a trade or service mark in which the complainant has rights (“the First Criterion”);

(b)     The holder of the domain name has no rights or legitimate interests in respect of the domain name (“the Second Criterion”); and

(c)     The domain name has been registered and is used in bad faith (“the Third Criterion”).

24.     As for when registration and use of a domain name shall be deemed to be in bad faith, the WIPO Final Report states that the following shall be evidence of such conduct:[3]

(a)     An offer to sell, rent or otherwise transfer the domain name to the owner of the trade or service mark, or to a competitor of the owner of the trade or service mark, for valuable consideration;

(b)     An attempt to attract, for financial gain, Internet users to the domain name holder’s website or other on-line location, by creating confusion with the trade or service mark of the complainant;

(c)     The registration of the domain name in order to prevent the owner of the trade or service mark from reflecting the mark in a corresponding domain name, provided that a pattern of such conduct has been established on the part of the domain name holder; or

(d)     The registration of the domain name in order to disrupt the business of a competition.

25.     3 Corporate argued that the Uniform Domain Name Dispute Resolution Policy (“UDRP”) and Singapore Domain Name Dispute Resolution Policy (“SDRP”) are more relevant than WIPO’s Final Report. The SDRP requires the following elements proven against the registrant of a domain name:[4]

(a)     the registered domain name is identical or confusingly similar to a name, trade mark or service mark in which the complainant has rights;

(b)     the registrant has no rights or legitimate interests in respect of the domain name; and

(c)     the registrant’s domain name has been registered or is being used in bad faith.

26.     The SDRP states that evidence of registration and use of bad faith can be found when:[5]

(a)     circumstances indicating that the Registrant has registered or acquired the domain name primarily for the purpose of selling, renting, or otherwise transferring the domain name registration to the Complainant, who bears the name or is the owner of the trademark or service mark, or to a competitor of that Complainant, for valuable consideration in excess of the Registrant’s documented out-of-pocket costs directly related to the domain name;

(b)     the Registrant has registered the domain name in order to prevent the owner of the trademark or service mark from reflecting the mark in a corresponding domain name, provided that the Registrant has engaged in a pattern of such conduct;

(c)     the Registrant has registered the domain name primarily for the purpose of disrupting the business of a competitor; or

(d)     by using the domain name, the Registrant has intentionally attempted to attract, for commercial gain, Internet users to the Registrant’s website or other on-line location, by creating a likelihood of confusion with the Complainant’s name or mark as to the source, sponsorship, affiliation, or endorsement of the Registrant’s website or location or of a product or service on the Registrant’s website or location.

27.     The court opined at [146]-[147] that the provisions in the WIPO Final Report and also the SDRP and UDRP were similar to those in the WIPO Final Report.

28.     The court found at [148]-[149] that the Domain Name is strikingly similar to the defendant’s many registered trademarks using its GRAB logo; that the plaintiff’s business is not in ride-hailing; and the plaintiff’s usage of the Domain Name had the markings of bad faith and cybersquatting.

29.     In response to the plaintiff’s argument that it is not appropriate to establish cybersquatting or abusive registration as a new head of public policy at common law and the court should be cautious of doing so when the legislature has not considered the matter, the court opined that given the wide reach of the Internet today and the pervasive use of Internet websites, the abusive and/or illegal usage of domain names need to be controlled and/or curbed: [143]. Accordingly, the court refused to enforce the Offer Letter on the ground that it was contrary to public policy.

IV. Comment

30.     The decision in Grabtaxi Holdings has the potential effect of establishing cybersquatting or abusive domain name registration as a new head of public policy at common law. In this respect, the five-panel Court of Appeal in Ochroid Trading Ltd and another v Chua Siok Lui (trading as VIE Import & Export) and another [2018] 1 SLR 363 (CA) (“Ochroid Trading”) at [30] “emphasise[d] that although the categories of illegality at common law are not closed, the courts will not readily add new categories. There is also always the issue as to whether, as society changes, the existing categories themselves will need to be modified or even (in extreme cases) done away with. The entire legal enterprise in this particular sphere is exacerbated by the fact that, as already noted above, the very nature of public policy is both fluid and problematic.” Indeed, the Court there described at [20] the concept of public policy as having “ofttimes [an] elusive nature … [and is] an unruly horse and must therefore be applied wisely”.

31.     As the Court in Orchroid Trading noted at [29], examples of the types of contracts which fall afoul of established heads of common law public policy include “contracts prejudicial to the administration of justice (including contracts to stifle a prosecution and contracts savouring of maintenance or champerty); contracts to deceive public authorities; contracts to oust the jurisdiction of the courts; contracts to commit a crime, tort or fraud; contracts prejudicial to public safety; contracts prejudicial to the status of marriage (including marriage brokage contracts as well as agreements by married persons to marry and agreements between spouses for future separation); contracts promoting sexual immorality; contracts that are liable to corrupt public life; and contracts restricting personal liberty”.

32.     The difficulty with accepting cybersquatting as a head of common law policy is that unlike other established heads of public policy, such as those cited above, it is not clearly a matter of violating some public interest or shared values. On the contrary, it is primarily a matter between private parties. And if indeed there is such a dispute between private parties, the party whose rights have been violated can seek legal recourse through the legal process of the SDRP.

33.     Further, if all contracts to transfer domain names which may potentially involve cybersquatting are unenforceable for being contrary to public policy, it creates uncertainty for parties who may deliberately choose to contract to purchase and transfer a domain name instead of, e.g. resolving the matter pursuant to the SDRP. Such contracts may increase economic efficiency than if it were otherwise to be resolved by dispute resolution. Moreover, legitimate holders of domain names may find themselves being accused of cybersquatting and unable to otherwise properly negotiate transfers for fair consideration. The uncertainty is aggravated by the multi-factorial fact-specific analysis required to determine whether all the elements in the SDRP or the WIPO Final Report have been fulfilled. Advising on the validity and enforceability of contracts of this type would now be difficult and would require a full-blown analysis of all the relevant elements.

34.     It is also peculiar to predicate the finding of a head of public policy, which would render all contracts of a type illegal or unenforceable, on the rules adopted by a private company, namely the Singapore Network Information Centre (SGNIC) Private Limited, and incorporated by reference into the Domain Name Registration Agreement between SGNIC and the domain name registrant or holder.[6] In other words, quite apart from whether cybersquatting will be legislated as a criminal or regulatory offence, the SDRP rules do not even have the force of law, although they may arguably be quasi-law. It is also noteworthy that the Singapore Parliament has not expressly considered or debated the issue of cybersquatting.

35.     Also, the English cases which the court relied on were decided on the basis of applying legal principles on trade mark infringement and passing off to granting injunctive relief in respect of domain names and cybersquatting. However, the authorities appear to suggest that the considerations for trade mark proceedings and SDRP or UDRP are quite different.

36.     The lack of certainty in the SDRP analysis is illustrated by the court’s findings at [148]-[149] regarding the Second and Third Criterion. The court found that because the plaintiff’s business is not in ride-hailing, it had no rights or legitimate interests in respect of the Domain Name. However, on the facts, it cannot be said that it must have been necessarily the case that the Domain Name must belong to an operator of a ride-hailing business. On the Third Criterion, the court was not convinced that the words “Grab” and “Grab Essentials!” used the words to such an extent that they were an integral part of the plaintiff’s related design business in Indonesia or that the words were/are used in the company’s advertising campaigns (at [144]) and also found that the word was not used in the plaintiff’s website. This is not only highly fact-specific but also a matter of degree and extent, which can be difficult to assess.

37.     In sum, the decision in Grabtaxi Holdings has raised interesting and novel points on public policy and enforceability of contracts, cybersquatting and SDRP rules which are seldom canvassed in the courts. However, perhaps because of this novel nature, it has raised important issues which will impact practices concerning domain names. It is hoped that further clarity will be brought to this area.


[1] WIPO Final Report at [170], cited in Grabtaxi Holdings at [141].
[2] WIPO Final Report at [171(1)], cited in Grabtaxi Holdings at [141].
[3] WIPO Final Report at [171(2)], cited in Grabtaxi Holdings at [141].
[4] See, e.g., Facebook, Inc v Zheng Zhongxing [2012] SDRP 1. See also Phang Hsiao Chung, “Resolving Domain Name Disputes – A Singapore Perspective” [2002] SAcLJ 14.
[5] SDRP at paragraph 4(b)(i)-(iv).
[6] SDRP at paragraph 1(a)-(b).

Payment Services Act commencing January 2020: application forms, notifications, exemptions, regulations, requirements, compliance

The Payment Services Act (“PSA”) will commence on 28 January 2020.

MAS has issued the Guidelines on Licensing for Payment Service Providers, Guideline No: PS-G01 (18 December 2019), specimen forms for the PSA and various notices and guidelines.

Summary of Considerations for Payments Service Providers

  1. If you provide any service, incidental to your core business or otherwise, which involves payments, consider if you are regulated under the PSA.
  2. Consider whether your service falls within any exemptions under the PSA.
  3. If you have been offering certain services prior to the PSA’s commencement, notify MAS of the same between 28 January and 27 February 2020 to enjoy a limited period of licence-exemption.
  4. Prepare for all necessary requirements, including policies and procedures to achieve compliance with the PSA, PS Regulations and MAS Notices. These include:
    1. Governance and ownership requirements
    2. Base capital requirements
    3. Security furnished to MAS
    4. Safeguarding clients funds
    5. Competency and fit & proper requirements of key individuals
    6. Registered office and place of business
    7. Compliance arrangements
    8. Technology risk management
    9. Audit arrangements
    10. Anti-money laundering and countering financing of terrorism arrangements
    11. Cyberhygiene and security
    12. Business conduct requirements
    13. Periodic reporting to MAS
    14. Disclosures and communications
    15. E-payment user protection
  5. Make the necessary licence application to MAS.

Table of Regulated Activities

 

Activity Type Brief Description
 

Activity A

Account issuance service

The service of issuing a payment account or any service relating to any operation required for operating a payment account, such as an e-wallet (including certain multi-purpose stored value cards) or a non-bank issued credit card.
Activity B

Domestic money transfer service

Providing local funds transfer service in Singapore. This includes payment gateway services and payment kiosk services.
Activity C

Cross-border money transfer service

 

Providing inbound or outbound remittance service in Singapore.

 

Activity D

Merchant acquisition service

Providing merchant acquisition service in Singapore where the service provider processes payment transactions from the merchant and processes payment receipts on behalf of the merchant. Usually the service includes providing a point-of- sale terminal or online payment gateway.
Activity E

E-money issuance service

Issuing e-money to allow the user to pay merchants or transfer to another individual.
Activity F

Digital payment token service

Buying or selling digital payment tokens (“DPTs”) (commonly known as cryptocurrencies), or providing a platform to allow persons to exchange DPTs.
Activity G

Money-changing service

 

Buying or selling foreign currency notes.

Exclusions / Non-Exclusions from Regulated Activities

 

  1. No incidental service exemption:
    • There is no exemption for payment services that are incidental to a core business. Incidental payment services are expressly regulated in the PSA (sections 2(4), 5(2)).[i] Express disapplication of the holding in Chinpo Shipping Co (Pte) Ltd v. Public Prosecutor [2017] 4 SLR 983 (HC),[1] where the court held that the MCRBA prohibits unlicensed business of accepting moneys for transmission to persons outside Singapore rather than the mere act to that effect, and the provision of remittance as a service in its own right rather than simply as an incident to a core business.
    • MAS has given the example of online marketplace operators offering payment services to facilitate transactions in the marketplace—such operators must have a licence.[2] MAS views that such incidental services carry similar regulatory risks to payment services that are not related or not incidental.
    • However, payment services provided by any person regulated or exempt under the (i) Financial Advisers Act; (ii) Insurance Act; (iii) Securities and Futures Act; (iv) Trust Companies Act, that is solely incidental to or necessary solely for the carrying on of any regulated activity under these Acts are excluded from the PSA as the AML CTF risks are regulated under other MAS regulations.[3]

 

  1. Excluded: limited purpose e-money.
    • Part 2 and Part 3 of First Schedule, PSA defines excluded payment services. This includes any service relating to only limited purpose e-money.[ii] This includes:
    • e-money used to pay for goods or services by the issuer (or limited network of providers which has arrangement with issuer);
    • loyalty programs e-money / credit,
    • e-money that can only be used for payment or part payment of goods or services provided by merchants within the physical premises operated, owned or managed by the issuer (or its related corporations or associated companies) (subject to conditions, e.g. no refund or withdrawal, not exceeding $1,000 in account).

 

  1. Excluded: limited purpose digital payment tokens / virtual currencies.
    • Means non‑monetary customer loyalty or reward point, any in‑game asset, or any similar digital representation of value that (a) cannot be returned to its issuer, transferred or sold in exchange for money; and (b) may only be used–
      • in the case of a loyalty or reward point, for payment or part payment of, or in exchange for, goods or services, or both, provided by its issuer or any merchant specified by its issuer; or
    • for in‑game asset, for the payment of, or in exchange for, virtual objects or virtual services within an online game, etc.

 

Types of Licences

 

  1. There are three types of licences as set out in section 6 of the PS Act:
  • apply for a money-changing (“MC”) licence if it only intends to carry out money-changing service; or,
  • in any other case, apply for:
    • a Standard Payment Institution (“SPI”) licence if it intends to conduct payment services below the specified thresholds; or
    • a Major Payment Institution (“MPI”) licence if it intends to conduct payment services without being subject to the specified thresholds.
  1. The thresholds are set out in section 6(5) of the Act and are, in summary:
    • S$3m monthly transactions for any activity type
    • S$6m monthly transactions for two or more activity types
    • S$5m of daily outstanding e-money
  2. Main difference between SPI and MPI:
    • Base Capital – SPI: S$100,000; MPI: S$250,000.
    • Security: monthly ≤ S$6 million $100,000; > S$6 million: $200,000.
    • MPI providing (a) a domestic money transfer service; (b) a cross‑border money transfer service; (c) a merchant acquisition service; (d) an e‑money issuance service, must safeguard e-money floats or customers’ funds: 1) an undertaking or guarantee by any bank in Singapore or prescribed financial institution to be fully liable to the customer for such monies; 2) a deposit in a trust account; or 3) any other safeguards as may be prescribed by MAS.
    • Other compliance requirements likely the same for SPI and MPI in terms of type but different in terms of degree.
  3. Variation or change of licence – A licensee must apply for a variation or change of licence in Form 2 if it intends to (i) add or remove any payment service, or (ii) change its licence
  4. Designated payment systems. MAS may designate any payment system under PSA (s 42). Similar to current scheme in POSA.
    • DPS generally are payment systems with potential significant adverse impact on the wider financial system of Singapore, e.g. it’s widely used or recognised.
    • MAS may impose additional conditions or restrictions on DPS. Obligations under PSA (s 47-71) include: to notify MAS of certain prescribed events, including new businesses and acquisitions, to submit periodic reports to MAS, to seek MAS and Court approval for transfers of the business, to seek MAS approval for change in shareholder controllers of the DPS and appointments of CEOs and directors, and annual audit.
    • Different category from SPI and MPI. SPI or MPI may be designated.

 

Notification & Exemption

 

Persons who, before the commencement date of the PSA, carried on an account issuance service, domestic money transfer service, merchant acquisition service, e-money issuance service and/or DPT service (specific payment services), should notify MAS of the date on which they commenced the business of providing the specific payment services.

MAS has issued a sample of the Notification Form for the Purpose of Exemption for Holding a Licence under the Payment Services Act for the Specified Period (Notification Form).

Notifications will be accepted via the online version of the Notification Form on MAS website between 28 January 2020 and 27 February 2020.

Persons who make a successful notification will be exempt from having to apply for and hold a licence with respect to the specific payment services for the specified period (six months from 28 January 2020 for providers of a DPT service and 12 months from 28 January 2020 for the other relevant payment services).

 

Admission Criteria

 

  1. Governance and ownership requirements
Entity type Governance/Ownership requirements
Sole-proprietor ·        The applicant must be a Singapore citizen.

·        The applicant must have a minimum of 1 year’s relevant working or business experience on a full-time basis.

Partnership or Limited Liability Partnership (LLP) ·        The majority of its partners should be Singapore citizens. If there are only two partners, only one needs to be a Singapore citizen.

·        Each partner must have a minimum of 1 year’s relevant working or business experience on a full-time basis.

Singapore-owned Company ·        More than 50% of the equity shareholdings should be beneficially owned and effectively controlled by Singapore citizens.

·        A majority of the board of directors of the company should be Singapore citizens. If there are only two directors, only one of the directors needs to be a Singapore citizen.

·        Each executive director must have a minimum of 1 year’s relevant working or business experience on a full-time basis.

Singapore incorporated wholly-owned subsidiary of a foreign bank, or a foreign company primarily engaged in money- changing ·        The parent company must:

o   Be of significant size. In case of a foreign bank, it needs to rank among the top banks in the country where it is incorporated.

o    Possess a good track record and reputation.

o   Be adequately regulated and supervised by its home supervisory authority for AML/CFT.

 

Table A1-2 – Governance/Ownership Requirements for Standard or Major Payment Institution Licence

 

Entity type Governance/Ownership requirements
Singapore- incorporated company ·        At least one Executive Director[4] of the applicant is a Singapore citizen or permanent resident; or,

·        At least one Executive Director of the applicant is a Singapore Employment Pass holder and at least one other director of the applicant is a Singapore citizen or permanent resident

Singapore branch of a foreign- incorporated company

 

  1. Fit and Proper requirements[5]
  2. Competency of Key Individuals – sufficient experience, educational qualifications and professional certification in payment services or financial services.
  3. Permanent place of business or registered office – office area where books and records securely held. At least one person to be present to address any queries or complaints from [6]
  4. Base Capital – SPI: S$100,000; MPI: S$250,000
  5. Security – cash deposit with MAS or a bank guarantee in the prescribed

 

 

Category

Security Requirement
The average, over a calendar year, of the total value of all payment transactions in one month does not exceed S$6 million for any one payment service  

 

S$100,000

All other cases S$200,000
  1. Compliance Arrangements – commensurate with nature, scale and complexity of “Ultimate responsibility and accountability rest with sole-proprietor, partners, or directors and CEO, and compliance officer”.
    • An independent compliance function – staff who are suitably Compliance staff may perform other non-conflicting and complementary roles such as that of an in-house legal counsel.
    • Compliance support from holding company or overseas related entity – compliance support from an independent and dedicated compliance team at its holding company, or at an overseas related entity, provided that it is able to demonstrate that there is adequate oversight by the applicant’s compliance officer, sole-proprietor, partners, or directors and CEO and other senior management.
    • The applicant must also develop appropriate compliance management arrangements, including at least, the appointment of a suitably qualified compliance officer at the management level. This individual is expected to have sufficient expertise and authority to oversee the compliance function of the applicant, although he may be assisted by other staff in day-to-day
    • If this officer has yet to be employed at the point of application, he/she must, at the minimum, have been identified at the point of application and must be employed and appointed prior to the applicant commencing business.
  2. Technology Risk Management – for online financial services, penetration test of proposed online financial services, remediate all high-risk findings identified, and conduct independent validation on the effectiveness of the remediation
    • Identify risks and develop SOPs regarding IT systems, cloud computing & storage, outsourced IT vendors, software migration, cybersecurity, encryption, data loss & backup, system availability and recovery, data centre, user access control.
    • It’s a risk management framework, i.e. highly dependent on your specific business operations and systems.
    • Penetration testing should be conducted prior to commissioning new system which offers internet accessibility and open network interfaces.
    • Source code review for vulnerabilities, errors, poor coding practices.
  3. Audit Arrangements – independent audit arrangements regarding procedures, controls, and compliance with regulatory requirements. Audit may be conducted by an internal audit function within the applicant, an independent internal audit team from the head office of the applicant, or outsourced to a third party service provider.
  4. Annual Audit Requirements – section 37 of the PS Audit of accounts and transactions, and compliance with the relevant regulations and requirements.
  5. Letter of Responsibility and/or Letter of Undertaking – from the applicant’s majority shareholders, parent company and/or related
  6. Other Factors – MAS may also take into consideration factors such as:
    • track record and financial condition of the applicant, its holding company or related corporations, where applicable;
    • operational readiness of the applicant, including ability to comply with regulatory requirements;
    • whether the applicant, its holding company or related corporations are subject to proper supervision by a competent regulatory authority;
    • commitment of the applicant’s holding company to operations in Singapore; and
    • whether the public interest will be served by granting a licence.

Ongoing Requirements

  1. Anti-Money Laundering and Countering the Financing of Terrorism (“AML/CFT”) Requirements – Notices on the Prevention of Money Laundering and Countering the Financing of Terrorism [PSN01 and/or PSN02] and Notice on Reporting of Suspicious Activities & Incidents of Fraud [PSN03].
  2. Periodic Returns – submit periodic regulatory returns in accordance with the PSR. The requirements are set out in the Notice on Submission of Regulatory Returns [PSN04].
  3. Cyber Hygiene Notice on Cyber Hygiene [PSN06] (effective 6 August 2020) and put in place appropriate safeguards to protect customer information.
    • Secure admin accounts. Security patches applied to address vulnerabilities to every system timely. Written set of security standards for every system. Network perimeter to restrict unauthorized network traffic. Malware protection. Multi-factor authentication for all admin accounts and accounts to access customer info.
  4. Business Conduct – PSA, PSR and Notice on Conduct [PSN07]. Include safeguarding of customers’ monies, record of transactions, issuance of receipts, adhering to the prescribed time period for transmission of money, display of exchange rate and fees, and notification of normal business hours. Comply with all prohibitions and restrictions, including personal payment account stock and flow restrictions,[7] as well as prohibited business
  5. Disclosures and Communications – Accurate representation on the scope of its licence and provide the disclosures set out in the Notice on Disclosures and Communications [PSN08] . Ensure customers receive timely updates regarding any material changes to the
  6. Annual Audit Requirements – annual audit of accounts and transactions, and compliance with regulations and requirements. Auditor must submit a report to MAS in Form 4.
  7. Licensees should also understand and apply the relevant MAS Guidelines such as the Guidelines on Technology Risk Management and E-payments User Protection Guidelines, and keep abreast of regulatory
  8. E-payments user protection guidelines obligations include:
    • Informing account holder of their user protection duties.
    • Notify account holders of outgoing transactions.
    • Allow account user to confirm payment transaction and recipient credentials.
    • Have reporting channel for unauthorized or erroneous transactions.
    • Assess and investigate claims by account holders of unauthorized transactions, process holders’ claims.

[1] Case summary https://www.supremecourt.gov.sg/news/case-summaries/chinpo-shipping-company-private-limited-v-public-prosecutor

[2] Response to Feedback Received on Proposed Payment Services Bill MAS P0212017.

[3] Paragraph 2(i) of First Schedule: any payment service mentioned in Part 1 of this Schedule that is provided by any person licensed, approved, registered or regulated, or exempt from being licensed, approved, registered or regulated, under any of the following Acts, in any case where the payment service is solely incidental to or necessary solely for that person to carry on that person’s business in any regulated activity for which that person is so licensed, approved, registered, regulated or exempt from being licensed, approved, registered or regulated:

(i)    Financial Advisers Act (Cap. 110);

(ii)   Insurance Act (Cap. 142);

(iii)  Securities and Futures Act (Cap. 289);

(iv) Trust Companies Act (Cap. 336);

[4] As set out in section 2 of the PS Act, executive directors should be involved in the day-to-day running of and making of executive decisions on behalf of the business or operations of the applicant. They are expected to be resident in Singapore to oversee the activities of the licensee. Nominee directors such as investors, legal advisers or corporate secretaries are not Executive Directors. Non- Executive Directors provide oversight as members on the Board of Directors, but are not involved in the day-to-day business or operations of the licensee. The job titles and designations of directors should reflect the substance of the role and responsibilities of the individual.

[5] Sole-proprietor, partners, or directors and CEO, shareholders and employees, as well as the applicant itself, are fit and proper, in accordance with the Guidelines on Fit and Proper Criteria [FSG-G01]. The entity and group should not have any adverse reputation, particularly with regard to financial crime.

[6] As set out in MAS Notice PSN07, licensees must appoint at least one person to be present at its permanent place of business or registered office for a minimum of 10 days a month and a minimum of eight hours on each of those days during its normal business hours, unless:

  • it has notified all its customers in writing and in advance of any planned non-operating days that will prevent it from meeting the specified days and hours; or
  • there are circumstances beyond the control of the licensee that could not reasonably have been foreseen that prevent it from meeting the specified days and

[7] Personal payment accounts will be subject to a stock cap, which is the maximum amount of funds that can be held in a personal payment account at any given time. They will also be subject to an annual flow cap. This is the maximum cumulative amount of yearly outflows from the personal payment account, other than to the user’s designated bank accounts. The stock and flow caps were calibrated with due regard to consumer needs and existing industry practices, and will be set initially at $5,000 and $30,000 respectively: https://www.mas.gov.sg/news/speeches/2019/payment-services-bill

 

Case Update: PEX International Pte Ltd v Lim Seng Chye [2019] SGCA 82 – foreseeability of risk of harm in tort of nuisance

Significance: In PEX International Pte Ltd v Lim Seng Chye [2019] SGCA 82, the Singapore Court of Appeal held that foreseeability of risk of harm is not necessary to establish liability in the tort of nuisance. The Court also left open the issue of whether the rule in Rylands v Fletcher is a sub-species of nuisance and should be abolished. Regardless, similarly, foreseeability of risk of harm is not necessary to establish liability under the rule in Rylands v Fletcher.

Continue reading “Case Update: PEX International Pte Ltd v Lim Seng Chye [2019] SGCA 82 – foreseeability of risk of harm in tort of nuisance”