Singapore set to increase oversight of credit bureaux to ‘protect consumers’

Out-Law News | 21 Aug 2014 | 10:34 am | 2 min. read

Singapore’s financial services regulator has published proposals to strengthen oversight of credit bureaux in the country and “safeguard sensitive borrower credit information”.

The Monetary Authority of Singapore (MAS) said new legislation is needed because credit bureaux are increasingly collecting more detailed data.

A consultation paper released by MAS (91-page / 480 KB PDF), proposes to subject credit bureaux to “more formal oversight” under a new ‘Credit Bureau Act’ (CBA), aimed at “protecting consumers’ interests”.

Under the CBA, credit bureaux licensed by MAS would be “subject to ongoing regulatory requirements”. The CBA would also allow MAS to establish a licensing framework to issue, renew, suspend and revoke licences of credit bureaux in Singapore. Each licence would be valid for a five-year period.

MAS said: “A key focus of these requirements will be for credit bureaux and their members to ensure data confidentiality, security and integrity. In addition, to better enable consumers to access and verify the accuracy and completeness of their credit records, members of licensed credit bureaux, such as banks, finance companies and credit card companies, will be required to provide to a consumer a copy of his credit report at no cost within a specified period of approving or rejecting a credit application by the consumer.”

In Singapore, there are currently two credit bureaux recognised by MAS under the country’s Banking Act to collect and disclose credit data to their members including banks, finance companies and credit card companies. As a condition for recognition, MAS said credit bureaux agree to “safeguard the confidentiality, security and integrity of the credit data, and to seek MAS’ prior approval for any changes to their corporate and shareholding structures, scope of business and credit reporting systems”.

However, MAS said credit bureaux “are collecting increasing and more detailed credit data to facilitate more comprehensive credit assessments by their members”. “Given the large amount of sensitive personal information collected... it is necessary to subject them to more formal oversight by MAS to ensure that they safeguard the credit data and consumers’ interests,” MAS said.

MAS said the licensing regime will also allow it to set “admission criteria” for licensed credit bureaux (LCBs), as well as ongoing requirements that must be met for LCBs to continue to be licensed. “The licensing regime will enable MAS to improve the standards for fair credit reporting among LCBs and strengthen the protection of confidential credit data and consumers’ rights in Singapore,” MAS said.

Existing credit bureaux recognised by MAS would be given a transition period of six months to comply with the new requirements.

Last month, banks, merchant banks and finance companies operating in Singapore were issued with new guidelines by MAS on how to observe individuals' privacy rights whilst meeting their obligations to combat money laundering and terrorist financing.

New data protection rules came into force in Singapore on 2 July and provide individuals with a general right to request access to and the correction of personal data held about them by businesses operating in the country.

Bryan Tan of Pinsent Masons MPillay, the Singapore joint law venture partner of Pinsent Masons, the law firm behind Out-Law.com, said: "Even though Singapore data protection law does not have a formal classification for sensitive personal data, which some  jurisdictions have, it is clear that personal data such as those handled by credit bureaux are of significant importance and carry considerable ramifications. Therefore, it is not surprising that the regulators are exercising more oversight over the operation  of such credit bureaux."