Policy Briefing — MAS Individual Accountability Guidelines
The Monetary Authority of Singapore issued Guidelines on Individual Accountability and Conduct on September 10, 2020, formalising senior manager accountability, conduct risk governance, and remediation expectations for financial institutions.
Executive briefing: The Monetary Authority of Singapore (MAS) finalised the Guidelines on Individual Accountability and Conduct (IAC) on 10 September 2020, requiring banks, insurers, and capital market intermediaries to identify senior managers, key responsibilities, and misconduct risk controls by 10 September 2021. Firms must formalise governance maps, strengthen conduct risk frameworks, and embed accountability obligations across Singapore operations.
Applicability and regulatory expectations
The guidelines apply to MAS-regulated financial institutions (FIs) including banks, merchant banks, insurers, brokers, capital markets services licensees, licensed trust companies, and designated payment system operators. MAS expects proportional implementation based on business size, complexity, and risk profile. The framework outlines five outcomes: identifying and documenting senior managers, ensuring senior managers are fit and proper, enforcing clear conduct standards for employees, strengthening governance of material outsourcing arrangements, and maintaining effective risk and compliance frameworks.
Senior managers encompass individuals with executive decision-making authority over core functions—business lines, risk management, compliance, finance, operations, technology, and anti-money laundering. MAS emphasises timely notification of changes, robust handover processes, and accountability for misconduct within areas of responsibility.
Senior manager identification and responsibility mapping
Develop a Management Responsibility Map (MRM) capturing reporting lines, committees, and key responsibilities. Use templates aligned with MAS guidance, including role descriptions, reporting relationships, and deputies. Ensure coverage of all regulated activities in Singapore, including branches and subsidiaries. Document matrices linking business activities, regulatory obligations, and accountable individuals.
Conduct workshops with business heads, compliance, HR, and legal to validate mappings. Resolve overlaps or gaps by clarifying role scopes and, where necessary, reassigning responsibilities. Maintain a central repository accessible to MAS upon request. Implement change control procedures requiring approval from the CEO or board when responsibilities shift, accompanied by updated MRMs and statements of responsibility.
Fit and proper assessments and hiring controls
Enhance fitness and propriety frameworks to cover integrity, competence, financial soundness, and regulatory history. Establish pre-employment vetting for senior managers, including background checks, reference verification, and regulatory attestations. Document periodic reassessments—at least annually or upon material role changes. Integrate outcomes into HR systems and performance reviews.
For overseas appointments impacting Singapore operations, coordinate with global HR and compliance to ensure consistent standards. Track regulatory approvals and notifications required under MAS Notices (e.g., 643 for banks). Maintain training records demonstrating that senior managers understand regulatory obligations, conduct expectations, and escalation pathways.
Conduct risk framework
Design conduct risk policies that articulate expected behaviours, misconduct definitions, and disciplinary processes. Align with MAS’ emphasis on a strong risk culture, fair dealing, and customer outcomes. Implement conduct risk assessments identifying inherent risks, controls, and monitoring indicators across front-office, operations, technology, and support functions.
Develop key risk indicators (KRIs) such as customer complaints, trading breaches, policy exceptions, late regulatory filings, and staff turnover. Integrate KRIs into dashboards reviewed by senior management and the board. Establish investigation protocols for potential misconduct, including root cause analysis and remediation tracking. Document disciplinary actions and consider regulatory notifications where misconduct is material.
Training, communication, and culture
Roll out training tailored to different employee segments. Senior managers require deep dives into accountability obligations, case studies, and expectations for oversight. Front-line staff should receive conduct training focused on customer interactions, product suitability, and escalation. Reinforce messages through town halls, intranet content, and leadership communications emphasising ethical behaviour.
Incorporate conduct expectations into performance management and remuneration structures. Align variable compensation with risk-adjusted metrics, clawback provisions, and malus triggers for misconduct. Encourage speak-up culture by enhancing whistleblowing channels, protecting confidentiality, and providing feedback on reported issues.
Risk management, compliance, and internal audit coordination
Risk and compliance functions must review policies, procedures, and controls supporting accountability outcomes. Update compliance monitoring plans to test adherence to responsibility maps, conduct policies, and disciplinary procedures. Integrate accountability considerations into risk assessments, focusing on areas with high conduct risk—e.g., trading, wealth management, outsourcing.
Internal audit should include accountability in its audit universe, performing thematic reviews on governance structures, responsibility mapping accuracy, and control effectiveness. Report findings to the board audit committee and track remediation progress. Ensure audit workpapers capture evidence of management ownership and follow-up actions.
Outsourcing governance
MAS emphasises that senior managers remain accountable for outsourced activities. Update outsourcing inventories, assess criticality, and confirm designated senior managers oversee each arrangement. Review outsourcing agreements for clarity on performance standards, data protection, subcontracting, and termination rights. Implement monitoring routines—service reviews, performance dashboards, and incident reporting.
Coordinate with technology and operations teams to evaluate third-party resilience, including cybersecurity, business continuity, and pandemic response. Document contingency plans and exit strategies. Align outsourcing governance with MAS’ revised Notice 634 and Guidelines on Outsourcing, ensuring consistency across accountability frameworks.
Implementation roadmap and milestones
Plan phased delivery:
- Q4 2020: Establish project governance, perform gap analysis against MAS outcomes, and draft MRMs.
- Q1 2021: Finalise responsibility maps, update fit and proper policies, and launch training programmes.
- Q2 2021: Embed conduct KRIs, integrate accountability metrics into performance management, and refresh outsourcing oversight documentation.
- Q3 2021: Conduct assurance reviews, remediate control gaps, and prepare board attestations ahead of enforcement date.
Maintain regular steering committee meetings with reporting to the board risk committee. Track progress using dashboards highlighting key actions, responsible owners, and completion status.
Regulatory engagement and documentation
Prepare to evidence compliance during MAS inspections. Maintain comprehensive documentation—MRMs, statements of responsibility, training records, conduct risk assessments, disciplinary logs, and outsourcing oversight reports. Conduct mock regulatory reviews to test readiness and refine narratives.
Engage proactively with MAS through supervisory meetings, thematic surveys, and industry forums. Share implementation progress, challenges, and planned mitigations. Align accountability initiatives with related regulations, including the Guidelines on Risk Culture, Fair Dealing, and MAS Notices on AML/CFT, to present a coherent compliance posture.
Leadership imperatives
Executives must lead by example, reinforcing ethical standards and accountability. Set tone from the top, emphasise transparency, and allocate resources for control enhancements. Integrate accountability objectives into strategic planning and ensure senior managers possess the authority and support to manage risks effectively. By embedding the MAS IAC guidelines into governance frameworks, FIs can strengthen trust with regulators and customers while reducing conduct risk.
Follow-up: The guidelines took effect in September 2021, MAS issued a 2022 supervisory paper on observed practices, and a 2023 consultation proposed extending the regime to capital markets intermediaries by 2024.
Sources
- MAS Guidelines on Individual Accountability and Conduct — Monetary Authority of Singapore; Finalised guidelines detailing MAS expectations for senior manager accountability and conduct standards.
- MAS Response to Feedback on the Individual Accountability and Conduct Guidelines — Monetary Authority of Singapore; MAS consultation response describing implementation timeline and proportionality considerations for the IAC guidelines.