The Malaysia Personal Data Protection Act applies to all companies operating in Malaysia, as well as persons not established in Malaysia, if they use equipment in Malaysia for the processing of personal data otherwise than for the purposes of transit through Malaysia. (more…)
Singapore may soon mandate data breach notifications and data portability via amendments to the Singapore Personal Data Protection Act, or PDPA. The PDPA applies to all organizations that collect, use and disclose data in Singapore, and the PDPA has extraterritorial effect as it applies to all organizations collecting, using or disclosing personal data from individuals in Singapore (whether or not the company has a physical presence in Singapore).
*This article was originally published by DataGuidance in October 2018.
On 6 September 2018, the Monetary Authority of Singapore (‘MAS’) issued a consultation paper on its draft notice on cyber hygiene (‘the Notice’) which will require financial institutions operating in Singapore to implement a set of fundamental controls to raise their overall level of cyber resilience. Han Ming Ho and Yuet Ming Tham, partners at Sidley, discuss and focus on the key features of the draft Notice.
On August 7, a group of regulators from 11 jurisdictions published a consultation (the Consultation) on the Global Financial Innovation Network (the GFIN), which aims to promote international cooperation on innovation and the use of technology in financial services (FinTech) and in regulatory processes (RegTech).
The group — which includes the U.S. Consumer Financial Protection Bureau, the UK Financial Conduct Authority (the FCA), the Hong Kong Monetary Authority (HKMA) and the Monetary Authority of Singapore (MAS) — is one of the first major collaborative efforts on FinTech and RegTech issues among regulators in developed financial services markets. The Consultation builds on the FCA’s proposal earlier this year to create a “global sandbox” for innovative financial services firms.
This post summarizes the proposed role of the GFIN, the issues on which its founding regulators are consulting and how these may affect financial services firms.
The Hong Kong Office of the Privacy Commissioner for Personal Data (the “Hong Kong Data Privacy Commissioner”) has recently published compliance guidance on the upcoming GDPR to raise awareness in Hong Kong companies about the potential effects and reforms needed in order to comply with the new GDPR requirements. (more…)
On March 6, 2018, Singapore announced that it has joined the APEC Cross-Border Privacy Rules (CBPR) system as well as the APEC Privacy Recognition for Processors (PRP) program. Singapore is the sixth member of the CBPR system, which includes Canada, Japan, Korea, Mexico and the United States, and is the second member of the PRP program after the US. (more…)
On Feb. 13, 2018, the Monetary Authority of Singapore (MAS) issued a Consultation Paper on the Proposed E-Payments User Protection Guidelines (Consultation Paper). Under the Consultation Paper, the MAS proposes to issue a set of guidelines (Guidelines) to standardize the protection offered to individuals or micro-enterprises from losses arising from unauthorized or mistaken payment transactions.
The Guidelines are part of MAS’s ongoing review of Singapore’s regulatory framework for payment services. They are meant to provide general guidance and are not intended to be comprehensive or to replace or override any legislation.
With the rise in drone usage for both commercial and recreational activities, air safety regulators around the world have increasingly focused on the impact of drones (otherwise known as unmanned aircraft systems or UAS) on flight safety and efficiency. Consistent with calls by the International Air Transport Association (IATA) for more oversight, Hong Kong’s Civil Aviation Department (CAD) recently announced plans to step up the regulation of commercial and recreational drones.
As the FinTech industry continues to expand, regulators around the globe are starting to react. The past 18 months have seen the emergence of a new trend in financial services regulation, the “sandbox.”
Since the launch of the UK’s regulatory sandbox in May 2016, regulators across the globe have adopted similar frameworks. There are now regulatory sandboxes in Abu Dhabi, Australia, Canada, Hong Kong, Lithuania, Singapore, Switzerland and Thailand, to name a few, and the European Union recently set out proposals for a possible EU-wide regulatory sandbox. (more…)