When the Monetary Authority of Singapore published its Digital Banking Framework in 2019 and began issuing digital bank licences in 2022, the rest of the region was watching. Not because Singapore moved first. Vietnam and Indonesia had each issued digital banking licences before MAS finalized its own framework. It was because Singapore moved with deliberate structure. The MAS digital finance regulation approach in Southeast Asia became the regional benchmark, the architecture every other national regulator would eventually measure itself against, even when they chose to build something different.
What that framework contains, and what it has actually produced, is worth understanding in detail. So is what Indonesia, Malaysia, and Thailand have built in parallel, because the differences between these four regulatory architectures reveal something important about how financial inclusion, consumer protection, and systemic stability trade off against each other in emerging market contexts. Each regulator made a different call. Understanding why illuminates where each system is strong, where it is fragile, and what the broader regional trajectory in digital finance looks like from here.
What Singapore’s Framework Does Differently
The MAS approach to digital finance rests on three structural pillars: restricted licence entry, ring-fenced capital requirements, and a mandatory period of supervised scaling before any move to full commercial operation. Digital full bank licences require a minimum paid-up capital of SGD 1.5 billion at full operation, with a restricted phase in which deposit-taking is capped at SGD 50 million and product scope is deliberately limited. Digital wholesale bank licences carry a lower capital floor but are restricted to serving small and medium enterprises and non-retail customers only, which means they cannot compete for the mass-market current accounts that make consumer banking profitable at scale.
This architecture produces a system in which risk is stratified at the point of entry rather than managed through enforcement after problems emerge. The licensing requirements exclude undercapitalized players at the outset. The restricted phase creates a structured on-ramp that limits systemic exposure while new entrants establish product-market fit under close supervisory oversight. According to the MAS Annual Report 2023/2024, Singapore’s licensed digital banks had collectively onboarded over two million customers by the end of that fiscal year while maintaining a non-performing loan ratio below the conventional banking sector average. The restricted licence structure appears to have performed its intended function.
What this system is not designed to do is expand financial access quickly or broadly. Singapore’s conventional banking penetration already exceeds 98 percent of the adult population. The pressure to move fast on financial inclusion is comparatively low. The MAS framework is optimized for stability in a market that does not need digital banking to close an access gap. That context matters enormously when evaluating how transferable the approach is.
What Indonesia’s OJK Is Working Through
Indonesia’s approach through the Financial Services Authority (OJK) has moved faster than Singapore’s but with a different set of tradeoffs. Rather than issuing greenfield digital bank licences to new market entrants, Indonesia has primarily allowed existing licensed banks to convert into digital-first entities. By 2024, several of the country’s better-known digital banks were former conventional banks that had restructured their operations under OJK’s digital bank classification standards.
The conversion model has genuine advantages. Existing capital bases reduce onboarding risk. Established customer relationships provide a starting point for digital migration. But the model has also produced a pattern where digital transformation is often surface-level: mobile-first front ends layered onto legacy core banking infrastructure rather than systems rebuilt from scratch to serve digital economics. The OJK Financial Stability Review flagged ongoing cybersecurity readiness concerns among converted digital banks, which suggests the regulatory framework has, in some cases, moved ahead of the operational maturity it was designed to oversee. For Indonesian consumers, access has expanded and the cost of certain credit products has declined in underserved segments. But the consumer protection infrastructure, particularly around data privacy for platform-shared financial data, remains thinner than Singapore’s equivalent framework.
How Malaysia’s BNM Approached Digital Banking
Bank Negara Malaysia took a middle path. Under its digital bank licensing framework published in 2021 and operationalized in 2022, BNM issued five digital bank licences with tiered capital and product restrictions not unlike Singapore’s restricted phase model. The critical structural difference is that Malaysia’s framework embedded a financial inclusion mandate directly into the licensing conditions. Applicants were assessed on their demonstrated capability to serve underserved segments, including micro-businesses, gig workers, and rural populations, rather than simply on their capital strength and governance quality.
Each of Malaysia’s five digital bank licensees is required to submit a five-year financial inclusion plan and demonstrate traction against inclusion targets as a condition of transitioning from the restricted phase to full commercial operation. This is a structural departure from the MAS model, which is inclusion-positive in outcome but not explicitly inclusion-mandated in licensing architecture. So what does this mean in practice? Malaysia’s digital banks began restricted operations across 2024, with several focusing on underserved segments in Sabah, Sarawak, and semi-urban areas of Peninsular Malaysia where conventional bank branch density remains low. The inclusion mandate appears to be directing capital toward the intended populations. Whether the business models attached to those inclusion commitments are financially sustainable at scale remains to be seen, and that question will likely determine whether the Malaysian approach proves replicable elsewhere in the region.
Thailand’s Infrastructure-First Strategy
The Bank of Thailand has taken the most cautious path of the four. As of early 2025, Thailand had not issued dedicated digital bank licences, though a formal consultation process has been underway since 2023. The BOT has instead focused on upgrading the digital infrastructure available to existing licensed institutions, including a national payment rail overhaul and expanded open banking standards designed to allow third-party providers to access customer data with appropriate consent.
The argument for this sequencing is that infrastructure should precede licensing. A digital bank operating on Thailand’s existing core banking infrastructure faces the same operational constraints as a conventional bank with a better mobile interface. Issuing licences before the underlying infrastructure is ready creates the appearance of regulatory modernization without the substance. Thailand’s approach may prove prescient if the infrastructure investment produces a genuinely more capable licensing environment by 2026 or 2027. The cost has been speed, and some of that speed differential has translated into market share held by regional fintech players operating through partnership arrangements with existing Thai banks. Whether that is an acceptable tradeoff is a question the BOT is still answering.
The Structural Tradeoff Behind Every Framework
Taken together, these four regulatory architectures reveal a tension that every SEA regulator is navigating in its own way: the tradeoff between financial inclusion velocity and systemic risk management. Singapore has optimized for stability. Indonesia has optimized for access speed. Malaysia has attempted to mandate both through licensing conditions. Thailand has sequenced infrastructure before access.
None of these positions is categorically wrong. The right answer depends on the risk tolerance of the sovereign, the maturity of the existing banking sector, the severity of the financial exclusion problem the regulator is trying to solve, and the political economy of who bears the cost when a digital bank fails. Singapore’s framework is the cleanest architecture. It is also designed for a market where financial exclusion is not a meaningful policy problem. Replicating the MAS framework wholesale in Indonesia or Malaysia, where substantial portions of the population remain underbanked, would solve for systemic tidiness at the expense of the problem each regulator is actually mandated to address.
What Indonesia, Malaysia, and Thailand are building is not a diluted version of Singapore’s framework. Each represents a different answer to a different sovereign question. The more productive comparison is not which framework is better in the abstract, but what each reveals about how seriously each government takes the structural risks it has chosen to prioritize.
What This Means for Financial Professionals in the Region
If you work in financial services anywhere in SEA, the divergence between these four frameworks has practical consequences that compound as regional banks and fintech players expand across borders. Compliance functions at regional institutions are operating under materially different rule sets in each market, and those rule sets are not converging on a single standard. The regulatory arbitrage opportunities this divergence creates are real, and so are the compliance costs of managing across them simultaneously.
For founders and operators building financial technology products across the region, licensing environment determines go-to-market path more than product design does. Understanding not just what each set of rules says but what philosophy produced those rules helps anticipate where each framework will evolve as it matures. The cross-border payment infrastructure challenges that make daily financial flows across SEA unnecessarily expensive are inseparable from these regulatory architecture differences. So is the ongoing discussion about how CBDCs are being designed across the region and what that implies for the future of the payment stack.
Singapore’s MAS digital finance regulation is the regional benchmark because it built with structure first. That structure produces stability. It is also producing a framework designed for a market context most of SEA does not share. Reading the benchmark correctly means understanding what problem it was built to solve, not just how well-designed it is.
