With the repeal of the Registered Fund Management Company (RFMC) regime, all Fund Management Companies (FMCs) are now under the Capital Markets Services License (CMSL) regime, broken down for Retail Investors, and Accredited/Institutional Investors. There is also a specific light-touch regime applicable for Venture Capital Fund Managers. With this transition, the need for FMCs to ensure that they have adequate risk management measures in place has become even more important.

The Monetary Authority of Singapore (MAS) has updated its existing  Guidelines on Licensing and Conduct of Business for Fund Management Companies [SFA 04-G05] as part of the regulatory enhancements. This enhances investor protection,  tightens compliance and enables FMCs to demonstrate substantive control over portfolio management, including investment strategies and asset allocation, particularly if dealing with digital assets like cryptocurrencies which is a key focus area. 

The updated guidelines require FMCs to implement a more comprehensive Risk Management Framework (RMF) that provides a more integrated approach for oversight of risk from the top down, and is also a requirement as spelt out in accordance with regulation 13B(1)(a) of the Securities and Futures (Licensing and Conduct of Business) Regulations. 

The following measures are minimally what FMCs should have in place to ensure that their risks are appropriately mitigated.  

Governance, Independence and Competency of the Risk Management Function

It is vital for the risk management function to be appropriately independent from the portfolio management function to avoid conflicts of interest arising from profit-driven decisions and to ensure proper segregation of duties for maintaining objectivity when assessing and managing risk. The risk management function should also be equipped with the necessary knowledge and expertise in risk management, aligning with best industry practices and MAS expectations.

Identification and Measurement of Risks Associated with Customer Assets

FMCs are mandated to establish systems for identifying and measuring risks specific to customer assets classes and types. In the updated Guideline, FMCs are recommended to use advanced specialised tools and metrics for real-time monitoring insight into risk exposure based on different investment strategies. The systems should also tailor the risk measures according to the size and nature of the assets under management rather than adopting a “ one size fits all”-approach. 

A component of the overall risk management framework, as an example, may be Liquidity Risk Management (LRM) – which is a form of control to ensure the maintenance of sufficient liquidity in the Funds they manage, to meet their financial obligations. FMCs can make use of metrics (e.g.Liquidity Coverage Ratios and Redemption Coverage Ratios) as part of their assessment for LRM monitoring. Scenario Analysis Tools are also useful to identify and pre-empt potential liquidity shortfalls in various economic and market scenarios which facilitate better asset-liability management.

Enhanced Focus on Cybersecurity and Technology Risks

With the increased presence of digital assets in the financial industry and the growing threat of cyberattacks, it’s important to note that risk management measures now place a greater emphasis on cybersecurity protection. FMCs are required to address not only traditional investment risks but also the risks associated with managing digital assets. Under the updated requirements, it is mandatory for FMCs that manage digital assets in particular, to be equipped with appropriate systems to deter against cyber threats. Regular training is also strongly recommended to keep employees abreast of potential cyber tactics in order to maintain integrity and confidentiality of both customer and corporate financial information.

Timely Monitoring and Reporting of Risks to Management

Prior to the last updates, the responsibility for managing and overseeing risks primarily rested with Senior Management and the Board of Directors (Board) of the FMC. However, the current  requirement expands the scope of responsibility as it now mandates direct involvement of the Chief Executive Officer (CEO). The updates also require continuous monitoring and timely escalation instead of just relying on periodic risk reporting. With the direct involvement of the CEO, this provides more accountability and ensures timely intervention of critical risk as it becomes a key focus area of the day-to-day operations of the FMC as well. This facilitates the establishment of clearer procedures of escalation so that risk exposures are continuously and promptly communicated to management.

Documentation of Risk Management Policies, Procedures and Reports 

Under the new guideline, FMCs are required to maintain comprehensive records for all policies, procedures, and reports which entails full transparency and accountability across all levels of the organisation. FMCs should ensure that the internal controls established by the (Board) and Senior Management are reviewed regularly, approved and consistent with the nature, complexity and materiality of the company’s operations. This is crucial not just for internal control purposes but also to be readily available for compliance checks, internal and external audits, and/or regulatory inspections when applicable.

To conclude, the requirements focus on a substantively more comprehensive risk management process that takes into accord governance, timely risk escalation, and a deeper integration of risk management into the operations of FMCs. These changes are essential for maintaining a more structured approach to manage risks in an increasingly complex investment landscape, especially as digital finance becomes more prominent.

By implementing these enhanced risk management practices, FMCs can safeguard both their operations and investor interests, helping them be well prepared for market volatility and technological advancements.

What does this mean for you? 

As a Regulated Financial Institution in Singapore, incorporating the MAS’ updated requirements on Risk Management into your operations is essential for maintaining regulatory compliance. These updates signal critical shifts in how FMCs must handle risk management and compliance.

Curia Regis has a dedicated team in Singapore to provide invaluable regulatory and compliance support to fund management companies striving to meet MAS requirements across diverse strategies and business models. With extensive experience in this field, we are prepared to help you ensure that your compliance frameworks align with MAS standards and are tailored to be solution-oriented, reflecting the size and type of your business.

Contact us at [email protected] to know more and follow our LinkedIn page https://uk.linkedin.com/company/curiaregis for updates in the regulatory space.