29 June 2021
The Credit Bureau Act 2016, which subjects credit bureaus to formal oversight by the Monetary Authority of Singapore (“MAS”), has come into operation on 31 May 2021.
The Act enables MAS to license and supervise credit bureaus that collect customer credit information from banks and other financial institutions in Singapore. The objectives are to help ensure the sound operation of licensed credit bureaus (“LCBs”), safeguard the confidentiality, security and integrity of customer credit information, and protect consumer interests.
Credit bureaus are entities that collect, use and disclose information relevant to the credit worthiness of borrowers from banks and other financial institutions. Members of credit bureaus are usually lenders, such as banks, that use the information to facilitate their credit assessments and loan approval decisions. As credit bureaus collect an increasing amount of data with more granular details to facilitate more comprehensive credit assessments by their members, it would be prudent to subject credit bureaus to formal supervision by MAS. This will ensure that credit bureaus operate soundly and safeguard the confidentiality, security and integrity of customer credit information. The Act will also allow consumers the right to access, review and rectify credit records.
To support the implementation of the Act, the following regulations have been issued and also came into operation on 31 May 2021:
These Regulations set out provisions of general application, such as the type of fees payable by an LCB, and the procedures that apply when a person is given an opportunity to be heard by MAS.
These Regulations sets out the compoundable offences that apply to both LCBs and approved members of an LCB (“AMs”). Any offence punishable by a fine and the offences in these Regulations are compoundable.
MAS Notices for licensed credit bureaus
On 28 May 2021, MAS issued the following Notices to licensed credit bureaus, all of which take effect on 31 May 2021:
This Notice sets out requirements which will instil robust governance standards within LCBs, safeguard confidentiality and accuracy of data processed by LCBs and their AMs, and ensure disputes over data are resolved in a prompt, fair and independent manner.
- Notice on Technology Risk Management for Licensed Credit Bureaus and Notice on Cyber Hygiene for Licensed Credit Bureaus
These Notices subject LCBs to technology risk management requirements and cyber security measures similar to those of other financial institutions regulated by MAS. This will ensure LCBs have robust infrastructure, and systems and processes to manage technology risk and cyber threats.