On 9 June 2025, Singapore introduced one of its most significant regulatory changes in recent years: the Corporate Service Providers Act 2024 (CSP Act) and the accompanying Corporate Service Providers Regulations 2025. These new laws are designed to strengthen oversight of corporate service providers (CSPs) and close loopholes that have historically allowed shell companies and opaque structures to be used for money laundering or terrorism financing.
The timing of the CSP Act is no coincidence. It follows a massive scandal revealed in 2023 involving more than S$3 billion in suspected money laundering, which highlighted serious weaknesses in how companies were being set up and managed. By tightening the rules, the government wants to make sure that CSPs are no longer the weak link in Singapore’s anti-money laundering and counter-terrorism financing framework.
Under the new regime, registration is mandatory for all CSPs, even those serving only overseas clients. Failure to register is a criminal offence and can result in fines of up to S$50,000, imprisonment for up to two years, or both. For firms that continue to operate without registration, daily penalties may also be imposed.
CSPs now have strict obligations to conduct customer due diligence. This includes verifying clients, beneficial owners and agents, carrying out sanctions screening, and monitoring customers on an ongoing basis. Where customers are considered high-risk, CSPs must apply enhanced checks, while simplified checks are only permitted in low-risk scenarios. Remote identification and verification of customers also fall within the rules, reflecting the rise of digital transactions.
The law goes beyond basic compliance checks. CSPs are required to establish comprehensive internal policies and controls, covering areas such as staff training, internal audits, risk assessments, reporting processes, and record-keeping. These requirements also extend to group-wide operations, meaning branches and subsidiaries outside Singapore must apply equivalent standards.
Penalties under the CSP Act are tough. Each breach can result in fines of up to S$100,000, and senior management cannot hide behind the company. Directors and key officers can be held personally liable if they fail to exercise proper oversight.
Another major change relates to nominee directors. In the past, nominee arrangements were often abused to disguise real ownership and control. The CSP Act now requires that nominee directors either be registered CSPs themselves or be appointed through one. They must also meet “fit and proper” standards, including being free from fraud convictions, bankruptcy, or misconduct. CSPs are responsible for ensuring that the individuals they arrange are competent and suitable for the role.
For businesses, these reforms mean it is time to reassess compliance frameworks. Even firms that provide what might seem like peripheral services—such as registered office addresses or company secretarial support—may now fall under the scope of the Act. CSPs need to invest in stronger compliance programs, document their risk assessments, and keep clear records of oversight by management.
Compared to the old regime, the changes are stark. Obligations that were once scattered and loosely defined are now codified in detail. Ambiguities around whether CSPs serving only foreign clients had to comply are gone. And nominee director arrangements that used to escape scrutiny are now tightly regulated.
While the CSP Act brings heavy responsibilities, it also presents opportunities. Firms that adapt quickly and build robust systems will not only stay on the right side of the law but also enhance their credibility in the market. Strong compliance can become a competitive edge, reassuring clients, investors, and regulators alike.
In short, the CSP Act 2024 signals Singapore’s determination to remain a trusted global business hub. For CSPs, the message is clear: adapt and strengthen your practices, or face the consequences.
