Singapore has been dedicated to Smart Nation transformation since 2014 by developing technologies and encouraging innovations in key domains, including health, transport, urban solutions, finance, and education. In the digital era, the government agencies together with every industry took initiatives from regulatory perspectives to support and drive digital technology adoption. A strong infrastructure will be the foundation of all the plans and projects, which makes cloud computing technologies one of the critical enablers in the digital revolution journey.
General Regulatory Environment
The Personal Data Protection Commission regulates personal data protection in Singapore.
General Privacy Laws:
PDPA - Personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPC). The PDPC establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. The PDPC released a guide on the use of cloud services in October 2019. Please click here to read the guidelines.
Data Cross-Border Transfer Requirements:
The PDPA contains offshore personal data transfer restrictions. The requirements include
1) The receiving organization has “comparable protection” in place as set in the Act, and;
2) There are written data transfer agreements in place, so that the recipient is bound by legally enforceable obligations, and;
3) The individual has given deemed or express consent to such transfer.
Financial Services Sector
Alibaba Cloud offers a high degree of flexibility in designing and implementing the IT architecture on the cloud with three Availability Zones in Singapore. With proper solution design, it can meet the requirements of security, resilience, recoverability, and performance for regulated entities in the Financial Services industry. Alibaba Cloud has helped several customers minimize the risks of losses in confidentiality, integrity, and availability when moving to a public cloud.
Alibaba Cloud is committed to facilitating the customers in compliance with the financial industry-specific regulatory requirements, including the initial high-level due diligence and risk assessment, solution selection, implementation and transition, and post-implementation assurance. Alibaba Cloud provides a full suite of offerings that can help, including responses in every due diligence evaluation aspect, best practices in services and product configuration, automated and continuous security check tools, as well as assurance over the design and operational effectiveness of internal controls.
Singapore's central bank, the Monetary Authority of Singapore (MAS), regulates financial institutions, including banking and non-banking institutions.
Regulations/Guidelines to look at when using cloud computing services:
Is cloud permitted?
Is there any additional approval needed?
FIs need to maintain an updated register of all existing outsourcing arrangements in the format as per the template available on the MAS website. The updated register has to be submitted to MAS annually or upon request. MAS will assess the adequacy of the FIs observance of the outsourcing guidelines.
Are offshore outsourcing arrangements allowed?
The MAS does not restrict the FIs from outsourcing services to service providers in a foreign country. However, more risks, including country risks (political, social, economic conditions), as well as the level of legal and regulatory requirements in the foreign country, need to be taken into consideration during the due diligence process. Moreover, though the information and data can be moved to a foreign country, it should not hinder the MAS’s right to retrieve such information or to perform auditing/supervising over the FIs business operations
South China Morning Post
SCMP utilized Alibaba Cloud to migrate existing IT infrastructure to the cloud, deployed multi-channel content management, content delivery, data warehousing, as well as implemented steps for cross-regional communication.
Alibaba Cloud enables Cynopsis to grow as they expand into new Asian markets. Alibaba Cloud’s Galaxy Program allowed Cynopsis to buy ECS instances in bulk and then resell them in the form of software.