Singapore's AI Governance Framework: What Businesses in Asia-Pacific Need to Know

Singapore's position in global AI governance

Singapore has pursued a distinctive approach to AI governance: early, principles-based, internationally engaged, and designed to support AI adoption rather than primarily constrain it. The result is one of the most developed AI governance ecosystems in Asia, and a framework that organisations operating in the region need to understand.

Unlike the EU's legislative approach, binding regulation with significant penalties, Singapore has built its AI governance framework primarily through guidance, voluntary frameworks, and sector-specific principles. This does not mean AI governance is optional for Singapore-based businesses: for financial services firms regulated by MAS, AI governance is an increasing supervisory expectation. For organisations seeking enterprise contracts or government procurement in Singapore, AI governance documentation is increasingly a requirement.

The Model AI Governance Framework (MAIGF)

The Infocomm Media Development Authority (IMDA) published the Model AI Governance Framework in 2019, updated in 2020. It is the primary AI governance reference document for organisations operating in Singapore and remains one of the most practically useful AI governance frameworks published by any government globally.

The MAIGF is structured around two core principles: decisions made by or with AI should be explainable, transparent, and fair; and AI systems should be human-centric, designed to augment human decision-making rather than replace human accountability.

The framework covers four governance pillars: internal governance structures and ownership (accountability); determining the level of human involvement in AI-driven decisions (human oversight); managing operations responsibly (operational risk); and being transparent with customers about AI use (external transparency).

While the MAIGF is voluntary, it has become a de facto compliance baseline for large organisations in Singapore. Enterprise procurement processes, MAS supervisory expectations, and Singapore government contracts all draw on MAIGF language and concepts.

MAS guidance for financial services

The Monetary Authority of Singapore has published principles for responsible use of AI in financial services, aligned with the MAIGF but more specifically targeted at banks, insurers, and capital markets firms. The MAS principles emphasise: fairness (AI should not produce discriminatory outcomes); ethics (AI use should be consistent with ethical standards and societal norms); accountability (clear governance structures for AI decisions); transparency (appropriate disclosure to customers and regulators); and reliability (AI systems should perform consistently and safely).

MAS has been explicit that AI governance is an increasing supervisory priority. Financial institutions subject to MAS regulation should anticipate governance questions in supervisory examinations, and should be able to demonstrate: a documented AI governance framework; an AI system inventory with risk classification; evidence of bias testing for customer-facing AI; human oversight mechanisms for consequential decisions; and incident reporting processes for AI failures.

AI Verify: Singapore's testing framework

The AI Verify Foundation, established by IMDA, administers the AI Verify testing framework, a practical toolkit enabling organisations to test their AI systems against the MAIGF's principles and produce documented test reports. AI Verify tests cover eleven areas, including transparency, explainability, fairness, and security.

AI Verify reports are not yet mandatory for most contexts, but are increasingly requested in enterprise procurement and government contracting in Singapore. Organisations deploying AI in Singapore should be aware of the framework and consider whether producing AI Verify documentation would support their market development objectives.

PDPA and AI governance

Singapore's Personal Data Protection Act creates specific obligations relevant to AI governance. The PDPA's data protection obligations apply to personal data used in AI training and deployment. The Advisory Guidelines on Use of Personal Data in AI Recommendation and Decision Systems, published by the Personal Data Protection Commission, address the use of personal data in AI systems specifically.

Key PDPA obligations for AI governance: purpose limitation, personal data used to train an AI system must be used only for purposes for which consent was obtained or that fall within PDPA exceptions; data accuracy, organisations must take reasonable steps to ensure personal data used in AI is accurate; and automated decision-making, where AI makes decisions that significantly affect individuals, individuals have rights to understand and challenge those decisions.

Aligning Singapore and EU frameworks

Organisations operating in both Singapore and the EU face the practical challenge of operating across two sophisticated but structurally different AI governance frameworks. The good news is that the frameworks share core principles, human oversight, transparency, fairness, accountability, that can be addressed through a single governance program.

The practical approach: build a governance framework anchored on the EU AI Act's more prescriptive requirements (which create the floor for compliance obligations), and map MAIGF and MAS principles onto the same underlying governance structures. Where MAIGF requires documentation of human oversight mechanisms, the EU AI Act's equivalent requirements likely require similar or more detailed documentation, satisfying the EU requirement typically satisfies the Singapore requirement simultaneously.

The areas requiring specific Singapore attention: AI Verify documentation, if relevant to your procurement objectives; MAS-specific requirements for financial services firms; and PDPA obligations for personal data used in AI systems, which interact with but differ from GDPR in some important respects.