SINGAPORE – The Monetary Authority of Singapore (MAS) and the US Treasury, in a joint statement on Thursday (Feb 6), supported the case for cross-border data transfer by financial services firms without the need for data localisation, as long as financial regulators have access to data needed for regulatory and supervisory purposes.
Data localisation is the practice of keeping data within a country’s borders.
The statement of intent is not legally binding, but through it, “the US and Singapore recognise that the ability of financial institutions to aggregate, store, process and transmit data across borders is critical to financial sector development”.
“The statement of intent between the Monetary Authority of Singapore (MAS) and the US Treasury reflects a strong commitment to safeguard cross-border data connectivity for financial institutions so that the financial system is safer and more efficient. We look forward to working with the international community to develop standards that support the trust and security for cross-border flows of financial data,” said MAS’s spokesman.
According to the statement, the US and Singapore intend to seek to promote adoption and implementation of policies and rules in their bilateral and multilateral economic relationships that will help to achieve the following goals:
• Ensuring that financial services suppliers can transfer data, including personal information, across borders by electronic means if the activity is for conducting a financial service supplier’s business.
• Opposing restricting measures where data can be stored and processed for financial services suppliers as long as financial regulators have full and timely access to data needed to fulfil their regulatory and supervisory mandates.
• Ensuring that financial services suppliers have the chance to remedy the lack of access to such data before being required to use or locate computing facilities locally.
The US and Singapore also intend to share information on developments related to these issues and, as appropriate, encourage third countries to adopt policies consistent with the joint statement.
Data localisation requirements can increase cybersecurity and other operational risks, hinder risk management and compliance, and inhibit financial regulatory and supervisory access to information, according to the joint statement.
It aids these goals by making it easier to detect cross-border money laundering and terrorist financing patterns, defend against cyberattacks, and manage and assess risk on a global basis, said the statement.