Evidence of the effect of technology on the business of banking in Singapore includes the emergence of five fully digital banks since 2022. The digital banks have no physical branches and focus on the more modern payment services, particularly payment cards and electronic funds transfers (ETFs). The smart phone is probably the most significant device for accessing these services because of its comprehensive payment capability. While technology has perhaps had the most profound effect on payments, lending and financial advising have seen significant developments too. Examples include algorithmic credit scoring to assess creditworthiness and robo-advising. In my chapter on ‘Banking Law’ in Simon Chesterman, Goh Yihan and Andrew Phang Boon Leong (eds), Law and Technology in Singapore (2nd edition, Academy Publishing, 2025), I discuss the role and effect of technology on the business of banking in Singapore, with a focus on four core retail banking services: deposit-taking, lending, payments, and financial advice.
My chapter looks at how the law has been challenged to keep pace with technological changes, under five headings:
1) Authorisation and authentication of transactions
The traditional manuscript or ‘wet ink’ signature is being replaced by digital alternatives, namely a combination of usernames, passwords, and PINs, or digital tokens secured by face recognition or fingerprint. In Singapore, the Electronic Transactions Act 2010 facilitates the migration away from manuscript signatures and the use of electronic records.
2) Third-party fraud
Historically, the bank was liable for any payments not authorised by the customer – with limited exceptions, and the customer was liable for all authorised payments notwithstanding any influence by a fraudster. In Singapore, however, the risk of unauthorised payments has substantially been shifted by contract to customers. A high-profile phishing scam in 2021 prompted some changes in this trend as regards electronic payments via a soft law framework which allocates liability for unauthorised payments following a phishing scam to the customer provided the implicated banks and telecommunication operators fulfilled specified anti-scam duties. As regards authorised payment scams, the risk of which falls on the customer at common law, the bank’s duty of care when processing a payment instruction offers limited protection. I have argued elsewhere that this duty is wider in Singapore than in the UK: see my blog post ‘A bank’s duty to question payment instructions, aka the Quincecare duty’, 30 September 2024:. However, the duty of care will only assist when the payment instruction is so out of character for the customer that it would arouse a reasonable bank’s suspicions. A novel legislative measure that will reduce some authorised payment scams when it comes into force is the Protection from Scams Act 2025 which gives the police the power to block suspected scam victims from accessing their accounts.
3) Recovery of Mistaken Payments
Newer payment mechanisms, particularly mobile phone payments, have increased the prevalence of mistaken payments and exposed practical difficulties in recovering those monies from the unintended recipient. A right to recovery is based on unjust enrichment but the payer may not know the identity of the recipient or how to contact them. The assistance of the banks involved is needed to make the recovery right a realistic prospect. In Singapore, E-payments Guidelines issued by the Monetary Authority of Singapore (MAS) have responded to the problem by setting out the steps that the relevant banks should take once notified of a mistaken payment, including asking the recipient to return the monies.
4) System flaw or malfunction
The extensive adoption of technology in the rendering of banking services requires technology risk to be carefully managed. Potential problems include unplanned system downtime and exploitation of system weaknesses by fraudsters. The MAS’s expectation is that banks must provide safe and secure systems for use by customers, as reflected in their Notice 644 on Technology Risk Management.
5) Finality of payment
An area of law that has seen little development in Singapore despite quite dramatic changes brought about by technology is the principles governing the timing and finality of payment or the allocation of risk when a problem has arisen during the payment process. In the case of card payments, these issues are largely determined by the detailed contractual network that underpins a card payment. For ETFs, the common law approach prevails. Between the payer and payee, payment is generally considered to have been made when the funds are available for the use of the payee, which remains a workable metric. However, as regards countermand or entry reversal (eg because of an insolvency), the courts have in the past attached importance to when the decision was taken to activate the instruction and credit the payee’s account. Today, the idea of a ‘decision’ by a bank is artificial although the problem is offset to an extent by contract terms which might restrict the right to countermand.
The final segment of my chapter identifies three areas of likely further development thanks to technology. The first is the ongoing need for measures to reduce the risk of payment fraud, particularly for consumer customers. The second development is open banking which involves the consensual and secure sharing by banks of customer data with third-party providers to allow the latter to offer their services to customers and thereby improve choice and efficiency. While open banking has not been embraced in Singapore, such a development – however gradual – seems inevitable. The final development is the growing use of AI and potential use of generative AI in most aspects of banking business including customer services, fraud detection, loan application processing, financial advice, contract drafting, and anti-money laundering compliance. Some jurisdictions have already responded with regulatory intervention to deal with the risks. In Singapore, the MAS is working with the financial sector to develop an AI Risk Framework.
In conclusion, technology has had a dramatic effect on the services banks offer, the way in which they offer their services, and the regulatory framework which seeks to ensure the fair and safe conduct of banking business. This trend is certain to continue.
Keywords: Banking, FinTech, Payments
AUTHOR INFORMATION
Dr Sandra Booysen is Director of the Centre for Banking & Finance Law (CBFL) and Associate Professor of Law at NUS. Sandra also serves on the editorial board of two academic journals: Singapore Journal of Legal Studies, the journal of NUS Law, and International Banking and Securities Law, published by Brill.
Email: lawsab@nus.edu.sg