News Image

The CSP Act

“Incidental” Corporate Services Now A Top-Tier Regulatory Risk
Victor Lai
BY Victor Lai
3 Mar 2026

TAKEAWAYS

  • For Chartered Accountants (CAs), the CSP Act may be considered a fundamental recalibration of risk, responsibility, and professional duty.
  • CAs should look out for any potential blind spots that may have developed before the CSP Act came into effect, as these could make them contravene the requirements of the Act.
  • The CSP Act provides an opportunity for willing professional firms to differentiate themselves from the rest.
  • CAs are required to demonstrate integrity, analytical rigour, and adherence to standards. The CSP Act is a call to extend the deployment of these criteria into a new domain.

If you are a Chartered Accountant (CA) in practice, consider this scenario: A long-standing audit client, a family-owned business, asks for your help. They want to expand into a new market and need to incorporate a new Singapore entity. You agree, as you always have. Your junior associate handles the incorporation with ACRA. You provide the registered office address. Perhaps a partner even agrees to be the initial director as a value-added service, a usual act to strengthen client relationship. It’s routine … until it isn’t.

Until the newly incorporated company starts to function as a node in a complex money laundering network, and a multi-billion-dollar scandal of 2023 proportions – the one that flooded our news feeds – start lapping at the firm’s door. Until the regulators start to make their presence felt at the firm’s office, asking not just about the audit files, but questioning the firm’s Corporate Service Provider (CSP) processes. The firm’s Customer Due Diligence (CDD) records relating to the incorporation of the newly set-up entity is called for scrutiny. The regulators request, for review, the written Nominee Director agreement between the firm and the client. They demand evidence of ongoing monitoring of money laundering risks.

The above scenario, while scary, is no longer hypothetical. With the Corporate Service Providers Act (CSP Act) having come into full effect since June 2025, the business landscape has undergone a seismic shift. For CAs, this isn’t just a new statute for the corporate secretarial team; it could be considered a fundamental recalibration of risk, responsibility, and professional duty.

FROM THE PERIPHERY TO THE CORE: HOW ACCOUNTING FIRMS ARE DRAWN INTO THE NET

The first and most critical mindset shift is to understand the scope of the CSP Act. Many accounting firms have historically viewed activities such as company incorporation, providing a registered address, or acting as a Nominee Director as ancillary, almost administrative services. They were, thus far, the “and” in “audit, tax, and corporate secretarial”.

The CSP Act obliterates this distinction. Its definitions are deliberately broad, capturing any entity that provides corporate services by way of business. This is not defined by volume or revenue. If these services are offered routinely to clients and invoiced for, the firms are almost certainly acting “by way of business” and require a licence. The notion of “incidental” activity is not a safe harbour. Services that were provided in the past that were not in the scope of the former Registered Filing Agent (RFA) Guidelines may now very well be within the scope of the CSP Act.

The staggering multi-billion-dollar money laundering case in 2023 was a brutal lesson for Singapore. It demonstrated how shell companies, opaque corporate structures, and complacent Nominee Directors could be abused to clean illicit funds and integrate them into Singapore’s robust financial system. The perpetrators didn’t just misuse bank services, they abused the entire ecosystem of professional service providers.

In October 2025, it was reported that a Cambodian scandal involving Singapore companies, and Prince Holding Group and its chairman, were accused by US authorities of running a massive transnational criminal organisation that involved online scams, forced labour, and money laundering. The case also highlighted issues for CSPs in Singapore who may have inadvertently facilitated these activities.

The government’s response to these high-profile cases culminated in the CSP Act – a move from ACRA’s RFA guidelines to an enforceable statute with sharper teeth, aimed directly at the gatekeepers.

THE FOUR PITFALLS: WHERE EVEN THE BEST FIRMS ARE LIKELY TO STUMBLE

Your experience as a CA is your greatest asset, but it can also breed blind spots. You may assume that complexity lies in business valuation or transfer pricing, not in “simple” company set-ups. This is where complacency creeps in.

1. The AML/CFT Compliance chasm

Your firm may have robust anti-money laundering (AML) procedures for its audit work. The critical question is: Are they seamlessly and rigorously integrated into your CSP activities?

  • Beyond KYC (know your customer) to source of wealth: For a tax engagement, you might need to understand your client’s income model. For a CSP engagement under the Act, you may have to further understand and verify their source of wealth. Wherefrom does the money for the initial share capital truly originate? This requires a deeper, more inquisitive, and sometimes uncomfortable level of enquiry.
  • Documentation is fundamental: In an audit, your workpapers are your defence. Under the CSP Act, your CDD records are evidence of fulfilment for your compliance obligations. If a decision isn’t documented, it didn’t happen. ACRA regulators will demand to see a clear documentation trail for every client, demonstrating how you assessed risk, what due diligence you performed, and why you concluded it, was satisfactory.
  • Ongoing monitoring, not just onboarding: The obligation doesn’t end after incorporation. You have a continuous duty to monitor the business relationship, scrutinise transactions for inconsistencies, and be alert to red flags. This is a dynamic process, not a static filing exercise.

2. The Nominee Director nightmare

This is perhaps the single greatest personal risk for partners and senior staff. Agreeing to act as a Nominee Director for a client has traditionally been considered part and parcel of the “full-suite of services”. The CSP Act reinforces that it is one of the most significant risk-weighted decisions you can make.

A Nominee Director is a director in the full legal sense under the Companies Act, with all the attendant fiduciary duties and potential liabilities. The CSP Act mandates that this relationship must be formalised in a written agreement that ensures:

  • Your ability to make independent judgements;
  • Your access to all company information required to fulfil your duties;
  • A full indemnity from the client.

Without this, a Nominee Director is effectively a passive puppet, and personally liable for the company’s actions, with the firm’s licence also on the line. The days of the “name-only” director are over.

3. The problem of the structural silos

Many firms operate with a “corporate secretarial department” that functions somewhat independently from the core audit and tax practice. This structure enhances the risk for the firms under the new regime.

The knowledge of a client held by the audit partner is invaluable cross-referencing for the CSP team. Conversely, something suspicious uncovered during a company secretarial task (for example, a sudden change in beneficial ownership) should be immediately communicated to the audit team. The CSP Act now warrants a firm-wide, integrated approach to risk management. Compliance cannot be siloed; it must be part of the firm’s cultural fabric and understood consistently by every partner and manager, regardless of their specialism.

4. Underestimating the “Fit and Proper” requirement

The Act requires not just the firm to be licensed, but all key individuals involved in providing CSP services to be “fit and proper”. This isn’t just about having no public records of criminal convictions. ACRA will assess integrity, reputation, competence, and financial soundness. This means formal background checks, ongoing training records, and a documented assessment process for all staff, from the partner approving the engagement to the junior associate filing the forms. Neglecting this holistic personnel assessment would add to the risk of CSP licence rejection or revocation.

FROM COMPLIANCE BURDEN TO COMPETITIVE EDGE

This is not merely a warning of risk; it is also a story of opportunity. The CSP Act also provides the opportunity for willing professional firms to differentiate themselves from the rest.

  • Enhanced reputation: Demonstrating full compliance signals to clients, banks, and regulators that the firm is a serious, top-tier operator that takes its gatekeeping role with utmost seriousness;
  • Better clients: Rigorous onboarding processes naturally deter clients with questionable credentials. Those with complex, opaque structures and demonstrating unwillingness to be transparent would be rejected by the robustness of the selection process;
  • Deeper client insight: The process of conducting enhanced due diligence would provide a far richer understanding of the client’s business and ownership, making audit, tax, and advisory services more insightful and valuable.

THE CALL TO ACTION: A MANDATE FOR LEADERSHIP

CAs are required to demonstrate integrity, analytical rigour, and adherence to standards. The CSP Act is a call to extend the deployment of these criteria into a new domain.

  1. Integrate, don’t separate: The CSP AML procedures need to be weaved into every firm’s core risk management framework. The existing silos, if any, between audit, tax, and corporate secretarial services must be removed.
  2. Invest in expertise: This is not the time for half-measures. Investment in training for every level of professional staff in the firm must be made mandatory, and assessment should be made whether seeking external regulatory advice to navigate the complexities of the licensing application and ongoing compliance is warranted.
  3. Embrace the role as a gatekeeper: Recognise that the firm’s role is no longer just a service provider; it is now a crucial link in the chain that guards the integrity of Singapore’s financial system. This is a professional duty that aligns perfectly with the ethical foundations of the CA profession.

Victor Lai is Principal Consultant, CitadelCorp, and ISCA CGRMC Member.

Loading spinner