Bill introduced to establish platform for financial institutions to share information on customers to combat money laundering and terrorism financing
27 March 2023
On 20 March 2023, the Financial Services and Markets (Amendment) Bill (“Bill”) was introduced in Parliament. The Bill provides for the establishment of a digital platform, called COSMIC (short for “Collaborative Sharing of ML/TF Information & Cases”), for financial institutions (“FIs”) to share information on customers for the purposes of mitigating money laundering (“ML”), terrorism financing (“TF”) and proliferation financing (“PF”) risks.
Rationale for establishment of COSMIC
In an explanatory brief published on 20 March 2023, the Monetary Authority of Singapore (“MAS”) stated that a remaining weakness in the effective detection of illicit financial flows lies in the inability of FIs to alert each other to unusual activity in their customers’ accounts. Financial criminals exploit these “information silos” by making illicit transactions through a web of accounts in different FIs and moving from one FI to another to avoid detection.
COSMIC, which will be established and maintained by MAS, will address this gap by providing a secure digital platform for FIs to share information on customers that exhibit multiple red flags indicative of potential illicit activities with each other. This platform will enable FIs to conduct sharper analysis of customer behaviours and activities to detect potential illicit activities more promptly and warn each other of such activities.
Background
The introduction of the Bill follows a public consultation on the platform held from 1 October 2021 to 1 November 2021. In its response to feedback published on 20 March 2023 (“Response”), MAS said that respondents were generally supportive of the proposals, and MAS has incorporated their feedback in the Bill where appropriate.
Phased implementation of COSMIC
The information-sharing framework will be jointly developed by MAS and six major commercial banks in Singapore. COSMIC will initially focus on three key financial crime risks in commercial banking: abuse of shell companies, misuse of trade finance for illicit purposes, and PF. The six banks will be permitted to share information on COSMIC during this initial phase. MAS plans to make some aspects of sharing mandatory and progressively extend COSMIC’s coverage to more focus areas and FIs in subsequent phases. In its Response, MAS said that the initial phase is expected to last for approximately two years after the launch of COSMIC.
Key aspects of the Bill
The Bill sets out the provisions for the initial phase for COSMIC only, during which all sharing will be on a voluntary basis. The key features of the Bill are outlined below.
Permit sharing only for mitigation of ML, TF and PF risks
To ensure that the sharing of customer information among FIs is conducted within a robust legal framework that safeguards the interests and privacy of legitimate customers, the Bill will permit the sharing of information solely for the purposes of mitigating ML, TF and PF risks. Such sharing may be done despite any restrictions that may be imposed by any written law or contract.
Information sharing will only be permitted if the customer’s behaviour or transaction activities exhibit pre-determined red flags that cross stipulated thresholds, suggesting that potential financial crime could be taking place. MAS said that for the vast majority of individuals and companies that are legitimate and do not exhibit risky behaviours, FIs will neither have a reason to share their customers’ information, nor will they be permitted to do so.
In its Response, MAS said that information sharing on COSMIC will be done via a structured data template that will be made available to all participant FIs. This will include fields for information relating to the customer including identifying information of the customer and the beneficial owners and authorised signatories of the customer, details of the transactions in question, the red flag behaviour exhibited, and the risk analysis that is relevant to the customer relationship.
Tight controls to safeguard information security and confidentiality
The Bill will allow participant FIs to share information via COSMIC. To ensure the confidentiality of the information disclosed on COSMIC, FIs will be prohibited from disclosing the information obtained from COSMIC except in certain specified circumstances.
The Bill will also empower MAS to issue a notice covering, among other things, the protection of specified risk information from unauthorised use and disclosure, including the systems and processes to be established to keep the information confidential. According to MAS, this includes implementing cybersecurity measures and limiting access to any risk information obtained from COSMIC to relevant staff on a need-to-know basis.
Statutory protection against civil liability for disclosures on COSMIC
The Bill will provide statutory protection from civil liability for FIs in respect of their disclosure of risk information onto COSMIC, provided the disclosure was made with reasonable care and in good faith, and in accordance with the disclosure thresholds. This will provide FIs confidence that legitimate information sharing to highlight higher risk customers and their related activities will not expose them to civil suits.
Access and use of COSMIC information by MAS and the Suspicious Transaction Reporting Office
The Bill will allow MAS access to information on COSMIC for supervisory purposes, including to monitor if FIs are using the platform appropriately and to identify necessary adjustments to improve effectiveness. COSMIC information, including material networks of suspicious actors that are escalated to MAS, will be integrated into MAS’s overall surveillance framework to target higher risk activities in the financial system for supervisory intervention.
The Suspicious Transaction Reporting Office will have direct access and be able to use COSMIC information as an additional data source for its own analysis.
Reference materials
The following materials are available on Singapore Statutes Online sso.agc.gov.sg and the MAS website www.mas.gov.sg: