As one of Asia’s most digitally mature economies, Singapore was an early mover in national digital transformation and is now turning that head start into resilient, innovation-led economic value. Today, the conversation across boardrooms, regulators, and industry circles has evolved: it’s no longer just about adopting technology but about embedding digital as a systemic driver of competitiveness, inclusion, and sustained growth.
Singapore’s approach offers a model for the region, with its commitment to building a holistic digital ecosystem. This goes beyond infrastructure, it includes nurturing digital talent, fostering a vibrant innovation and startup culture, enabling trusted cross-border data flows, and championing public-private collaboration. Crucially, its forward-looking regulatory stance balances support for experimentation with the need to uphold public trust.
Through our conversations with leaders in Singapore and Ecosystm’s broader research, we see a country intentionally architecting its digital future, focused on real-world outcomes, regional relevance, and long-term economic resilience.
Here are five insights that capture the pulse of Singapore’s digital transformation.
Theme 1: Digital Governance as Strategy: Setting the Pace for Innovation & Trust
Singapore’s approach to digital governance goes beyond policy. It’s a deliberate strategy to build trust, accelerate innovation, and maintain economic competitiveness. The guiding principle is clear: technology must be both transformative and trustworthy.
This vision is clearly visible in the public sector, where digital platforms and services are setting the pace for the rest of the economy. Public service apps are designed to be citizen-centric, secure, and efficient, demonstrating how digital delivery can work at scale. The Government Tech Stack allows agencies to rapidly build and integrate services using shared APIs, cloud infrastructure, and secure data layers. Open data initiatives like Data.gov.sg unlock thousands of datasets, while tools such as FormSG and SG Notify make it easy for any organisation to digitise services and engage users in real time.
By leading with well-designed digital infrastructure and standards, the public sector creates blueprints that others can adopt, lowering the barriers to innovation for businesses of all sizes. For SMEs in particular, these tools and frameworks offer a practical foundation to modernise operations and participate more fully in the digital economy.
Singapore is also setting clear rules for responsible tech. IMDA’s Trusted Data Sharing Framework and AI Verify establish standards for secure data use and transparent AI, giving businesses the certainty they need to innovate with confidence. All of this is underpinned by strategic investments in digital infrastructure, including a new generation of sustainable, high-capacity data centres to meet growing regional demand. In Singapore, digital governance isn’t a constraint, it’s a catalyst.
Theme 2: AI in Singapore: From Experimentation to Accountability
Few places have embraced AI’s potential as strongly as Singapore. In 2022 and 2023, fuelled by the National AI Strategy and commercial pressure to deliver results, organisations across industries rushed into pilots in 2022 and 2023. Ecosystm research shows that by 2024, nearly 82% of large enterprises in Singapore were experimenting with AI, with 37% deploying it across multiple departments.
However, that initial wave of excitement soon gave way to realism. Leaders now speak candidly about AI fatigue and the growing demand for measurable returns. The conversation has shifted from “What can we automate?” to “What’s actually worth scaling?” Organisations are scrutinising whether their AI projects deliver tangible value, integrate into daily operations, and meet evolving regulatory expectations.
This maturity is especially visible in Singapore’s banking sector, where the stakes are high and scrutiny is intense. Banks were among the first to embrace AI aggressively and are now leading the shift toward disciplined prioritisation. From actively hunting down use cases, they’ve pivoted to focusing on the select few that deliver real business outcomes. With increasing pressure to ensure transparency, auditability, and alignment with global standards, finance leaders are setting the tone for AI accountability across the economy.
The result: a more grounded, impact-focused AI strategy. While many regional peers are still chasing pilots, Singapore is entering a new phase, defined by fewer but better AI initiatives, built to solve real problems and deliver meaningful ROI.
Theme 3: The Cyber Imperative: Trust, Recovery, and Resilience
Singapore’s digital leadership brings not only opportunities but also increased exposure to cyber threats. In 2024 alone, the country faced 21 million cyberattacks, ranking eighth globally as both a target and a source. High-profile breaches, from vendor compromises affecting thousands of banking customers to earlier incidents like the SingHealth data breach, have exposed vulnerabilities across critical sectors.
These incidents have sparked a fundamental shift in Singapore’s cybersecurity mindset from building impenetrable digital fortresses to embracing digital resilience. The government recognises that breaches are inevitable and prioritises rapid containment and recovery over prevention alone. Regulatory bodies like MAS have tightened incident reporting rules, demanding quicker, more transparent responses from affected organisations.
For enterprises in Singapore, cybersecurity has moved beyond a technical challenge to become a strategic imperative deeply tied to customer trust and business continuity. Leaders are investing heavily in real-time threat detection, incident response, and crisis management capabilities. In a landscape where vulnerabilities are real and constant, cyber resilience is now a critical competitive advantage because in Singapore’s digital economy, trust and operational reliability are non-negotiable.
Theme 4: Beyond Coding: Singapore’s Quest for Hybrid Digital Talent
Singapore’s digital ambitions increasingly depend on its human capital. While consistently ranking high in global talent competitiveness, the city-state faces a projected shortfall of over 1.2 million digitally skilled workers, particularly in fields like cybersecurity, data science, and AI engineering.
But the challenge isn’t purely technical. Organisations now demand talent that bridges technology, business strategy, and regulatory insight. Many digital initiatives stall not from technology limitations, but from a lack of professionals who can translate complex digital concepts into business value and ensure regulatory compliance.
To address this, government initiatives like the TechSkills Accelerator (TeSA) offer training subsidies and career conversion programmes. Meanwhile, leading tech providers including AWS, Microsoft, Google, and IBM, are stepping up, partnering with government and industry to deliver specialised training, certification programmes, and talent pipelines that help close the skills gap.
Still, enterprises grapple with keeping pace amid rapid technological change, balancing reskilling local talent with attracting specialised professionals from abroad. The future of Singapore’s digital economy will be defined as much by people as by technology; and by the partnerships that help bridge this critical gap.
Theme 5: Tracking Impact, Driving Change: Singapore’s Sustainability and Tech Synergy
Sustainability remains a core pillar of Singapore’s digital ambitions, driven by the government’s unwavering focus and supportive green financing options unlike in some markets where momentum has slowed. Anchored by the Singapore Green Plan 2030, the nation aims to double solar energy capacity and reduce landfill waste per capita by 30% by 2030.
Digital technology plays a critical role in this vision. Initiatives like the Green Data Centre Roadmap promote energy-efficient infrastructure and sustainable cooling technologies, balancing growth in the digital economy with carbon footprint management. Singapore is also emerging as a regional hub for carbon services, leveraging digital platforms such as the Carbon Services Platform to track, verify, and trade emissions, fostering credible and transparent carbon markets.
Government-backed green financing schemes, including the Green Bond Grant Scheme and Sustainability-Linked Loans, are accelerating investments in eco-friendly projects, enabling enterprises to fund sustainable innovation while meeting global ESG standards.
Despite these advances, leaders highlight challenges such as the lack of standardised sustainability metrics and rising risks of greenwashing, which complicate scaling green finance and cross-border sustainability reporting. Still, Singapore’s ability to integrate sustainability with digital innovation underscores its ambition to be more than a tech hub. It aims to be a trusted leader in building a responsible, future-ready economy.
From Innovation to Lasting Impact
Singapore stands at a critical inflection point. Already recognised as one of the world’s most advanced digital economies, its greatest test now is execution transforming cutting-edge technology from promise into real, everyday impact. The nation must balance rapid innovation with robust security, while shaping global standards that reflect its unique blend of ambition and pragmatism.
With deep-rooted trust across government, industry, and society, Singapore is uniquely equipped to lead not just in developing technology, but in embedding it responsibly to create lasting value for its people and the wider region. The next chapter will define whether Singapore can move from digital leadership to digital legacy.
It’s been barely one year since we entered the Generative AI Age. On November 30, 2022, OpenAI launched ChatGPT, with no fanfare or promotion. Since then, Generative AI has become arguably the most talked-about tech topic, both in terms of opportunities it may bring and risks that it may carry.
The landslide success of ChatGPT and other Generative AI applications with consumers and businesses has put a renewed and strengthened focus on the potential risks associated with the technology – and how best to regulate and manage these. Government bodies and agencies have created voluntary guidelines for the use of AI for a number of years now (the Singapore Framework, for example, was launched in 2019).
There is no active legislation on the development and use of AI yet. Crucially, however, a number of such initiatives are currently on their way through legislative processes globally.
EU’s Landmark AI Act: A Step Towards Global AI Regulation
The European Union’s “Artificial Intelligence Act” is a leading example. The European Commission (EC) started examining AI legislation in 2020 with a focus on
- Protecting consumers
- Safeguarding fundamental rights, and
- Avoiding unlawful discrimination or bias
The EC published an initial legislative proposal in 2021, and the European Parliament adopted a revised version as their official position on AI in June 2023, moving the legislation process to its final phase.
This proposed EU AI Act takes a risk management approach to regulating AI. Organisations looking to employ AI must take note: an internal risk management approach to deploying AI would essentially be mandated by the Act. It is likely that other legislative initiatives will follow a similar approach, making the AI Act a potential role model for global legislations (following the trail blazed by the General Data Protection Regulation). The “G7 Hiroshima AI Process”, established at the G7 summit in Japan in May 2023, is a key example of international discussion and collaboration on the topic (with a focus on Generative AI).
Risk Classification and Regulations in the EU AI Act
At the heart of the AI Act is a system to assess the risk level of AI technology, classify the technology (or its use case), and prescribe appropriate regulations to each risk class.
For each of these four risk levels, the AI Act proposes a set of rules and regulations. Evidently, the regulatory focus is on High-Risk AI systems.
Contrasting Approaches: EU AI Act vs. UK’s Pro-Innovation Regulatory Approach
The AI Act has received its share of criticism, and somewhat different approaches are being considered, notably in the UK. One set of criticism revolves around the lack of clarity and vagueness of concepts (particularly around person-related data and systems). Another set of criticism revolves around the strong focus on the protection of rights and individuals and highlights the potential negative economic impact for EU organisations looking to leverage AI, and for EU tech companies developing AI systems.
A white paper by the UK government published in March 2023, perhaps tellingly, named “A pro-innovation approach to AI regulation” emphasises on a “pragmatic, proportionate regulatory approach … to provide a clear, pro-innovation regulatory environment”, The paper talks about an approach aiming to balance the protection of individuals with economic advancements for the UK on its way to become an “AI superpower”.
Further aspects of the EU AI Act are currently being critically discussed. For example, the current text exempts all open-source AI components not part of a medium or higher risk system from regulation but lacks definition and considerations for proliferation.
Adopting AI Risk Management in Organisations: The Singapore Approach
Regardless of how exactly AI regulations will turn out around the world, organisations must start today to adopt AI risk management practices. There is an added complexity: while the EU AI Act does clearly identify high-risk AI systems and example use cases, the realisation of regulatory practices must be tackled with an industry-focused approach.
The approach taken by the Monetary Authority of Singapore (MAS) is a primary example of an industry-focused approach to AI risk management. The Veritas Consortium, led by MAS, is a public-private-tech partnership consortium aiming to guide the financial services sector on the responsible use of AI. As there is no AI legislation in Singapore to date, the consortium currently builds on Singapore’s aforementioned “Model Artificial Intelligence Governance Framework”. Additional initiatives are already underway to focus specifically on Generative AI for financial services, and to build a globally aligned framework.
To Comply with Upcoming AI Regulations, Risk Management is the Path Forward
As AI regulation initiatives move from voluntary recommendation to legislation globally, a risk management approach is at the core of all of them. Adding risk management capabilities for AI is the path forward for organisations looking to deploy AI-enhanced solutions and applications. As that task can be daunting, an industry consortium approach can help circumnavigate challenges and align on implementation and realisation strategies for AI risk management across the industry. Until AI legislations are in place, such industry consortia can chart the way for their industry – organisations should seek to participate now to gain a head start with AI.
The Banking, Financial Services, and Insurance (BFSI) industry, known for its cautious stance on technology, is swiftly undergoing a transformational modernisation journey. Areas such as digital customer experiences, automated fraud detection, and real-time risk assessment are all part of a technology-led roadmap. This shift is transforming the cybersecurity stance of BFSI organisations, which have conventionally favoured centralising everything within a data centre behind a firewall.
Ecosystm research finds that 75% of BFSI technology leaders believe that a data breach is inevitable. This requires taking a new cyber approach to detect threats early, reduce the impact of an attack, and avoid lateral movement across the network.
BFSI organisations will boost investments in two main areas over the next year: updating infrastructure and software, and exploring innovative domains like digital workplaces and automation. Cybersecurity investments are crucial in both of these areas.
As a regulated industry, breaches come with significant cost implications, underscoring the need to prioritise cybersecurity. BFSI cybersecurity and risk teams need to constantly reassess their strategies for safeguarding data and fulfilling compliance obligations, as they explore ways to facilitate new services for customers, partners, and employees.
The primary concerns of BFSI CISOs can be categorised into two distinct groups:
- Expanding Technology Use. This includes the proliferation of applications and devices, as well as data access beyond the network perimeter.
- Employee-Related Vulnerabilities. This involves responses to phishing and malware attempts, as well as intentional and unintentional misuse of technology.
Vulnerabilities Arising from Employee Actions
Security vulnerabilities arising from employee actions and unawareness represent a significant and ongoing concern for businesses of all sizes and industries – the risks are just much bigger for BFSI. These vulnerabilities can lead to data breaches, financial losses, damage to reputation, and legal ramifications. A multi-pronged approach is needed that combines technology, training, policies, and a culture of security consciousness.
Training and Culture. BFSI organisations prioritise comprehensive training and awareness programs, educating employees about common threats like phishing and best practices for safeguarding sensitive data. While these programs are often ongoing and adaptable to new threats, they can sometimes become mere compliance checklists, raising questions about their true effectiveness. Conducting simulated phishing attacks and security quizzes to assess employee awareness and identify areas where further training is required, can be effective.
To truly educate employees on risks, it’s essential to move beyond compliance and build a cybersecurity culture throughout the organisation. This can involve setting organisation-wide security KPIs that cascade from the CEO down to every employee, promoting accountability and transparency. Creating an environment where employees feel comfortable reporting security concerns is critical for early threat detection and mitigation.
Policies. Clear security policies and enforcement are essential for ensuring that employees understand their roles within the broader security framework, including responsibilities on strong password use, secure data handling, and prompt incident reporting. Implementing the principle of least privilege, which restricts access based on specific roles, mitigates potential harm from insider threats and inadvertent data exposure. Policies should evolve through routine security audits, including technical assessments and evaluations of employee protocol adherence, which will help organisations with a swifter identification of vulnerabilities and to take the necessary corrective actions.
However, despite the best efforts, breaches do happen – and this is where a well-defined incident response plan, that is regularly tested and updated, is crucial to minimise the damage. This requires every employee to know their roles and responsibilities during a security incident.
Tech Expansion Leading to Cyber Complexity
Cloud. Initially hesitant to transition essential workloads to the cloud, the BFSI industry has experienced a shift in perspective due to the rise of inventive SaaS-based Fintech tools and hybrid cloud solutions, that have created new impetus for change. This new distributed architecture requires a fresh look at cyber measures. Secure Access Service Edge (SASE) providers are integrating a range of cloud-delivered safeguards, such as FWaaS, CASB, and ZTNA with SD-WAN to ensure organisations can securely access the cloud without compromising on performance.
Data & AI. Data holds paramount importance in the BFSI industry for informed decision-making, personalised customer experiences, risk assessment, fraud prevention, and regulatory compliance. AI applications are being used to tailor products and services, optimise operational efficiency, and stay competitive in an evolving market. As part of their technology modernisation efforts, 47% of BFSI institutions are refining their data and AI strategies. They also acknowledge the challenges associated – and satisfying risk, regulatory, and compliance requirements is one of the biggest challenges facing BFSI organisations in the AI deployments.
The rush to experiment with Generative AI and foundation models to assist customers and employees is only heightening these concerns. There is an urgent need for policies around the use of these emerging technologies. Initiatives such as the Monetary Authority of Singapore’s Veritas that aim to enable financial institutions to evaluate their AI and data analytics solutions against the principles of fairness, ethics, accountability, and transparency (FEAT) are expected to provide the much-needed guidance to the industry.
Digital Workplace. As with other industries with a high percentage of knowledge workers, BFSI organisations are grappling with granting remote access to staff. Cloud-based collaboration and Fintech tools, BYOD policies, and sensitive data traversing home networks are all creating new challenges for cyber teams. Modern approaches, such as zero trust network access, privilege management, and network segmentation are necessary to ensure workers can seamlessly but securely perform their roles remotely.
Looking Beyond Technology: Evaluating the Adequacy of Compliance-Centric Cyber Strategies
The BFSI industry stands among the most rigorously regulated industries, with scrutiny intensifying following every collapse or notable breach. Cyber and data protection teams shoulder the responsibility of understanding the implications of and adhering to emerging data protection regulations in areas such as GDPR, PCI-DSS, SOC 2, and PSD2. Automating compliance procedures emerges as a compelling solution to streamline processes, mitigate risks, and curtail expenses. Technologies such as robotic process automation (RPA), low-code development, and continuous compliance monitoring are gaining prominence.
The adoption of AI to enhance security is still emerging but will accelerate rapidly. Ecosystm research shows that within the next two years, nearly 70% of BFSI organisations will have invested in SecOps. AI can help Security Operations Centres (SOCs) prioritise alerts and respond to threats faster than could be performed manually. Additionally, the expanding variety of network endpoints, including customer devices, ATMs, and tools used by frontline employees, can embrace AI-enhanced protection without introducing additional onboarding friction.
However, there is a need for BFSI organisations to look beyond compliance checklists to a more holistic cyber approach that can prioritise cyber measures continually based on the risk to the organisations. And this is one of the biggest challenges that BFSI CISOs face. Ecosystm research finds that 72% of cyber and technology leaders in the industry feel that there is limited understanding of cyber risk and governance in their organisations.
In fact, BFSI organisations must look at the interconnectedness of an intelligence-led and risk-based strategy. Thorough risk assessments let organisations prioritise vulnerability mitigation effectively. This targeted approach optimises security initiatives by focusing on high-risk areas, reducing security debt. To adapt to evolving threats, intelligence should inform risk assessment. Intelligence-led strategies empower cybersecurity leaders with real-time threat insights for proactive measures, actively tackling emerging threats and vulnerabilities – and definitely moving beyond compliance-focused strategies.
As they continue to promote innovation in the Financial Services industry, the Monetary Authority of Singapore (MAS) introduced the Financial Sector Technology and Innovation Scheme 3.0 (FSTI 3.0) earlier this week, pledging up to SGD 150 million over three years. FSTI 3.0 aims to boost innovation by supporting projects that use cutting-edge technologies or have a regional scope, while strengthening the technology ecosystem in the industry. This initiative includes three tracks:
- Enhanced Centre of Excellence track to expand grant funding to corporate venture capital entities
- Innovation Acceleration track to support emerging tech based FinTech solutions, and
- Environmental, Social, and Governance (ESG) FinTech track to accelerate ESG adoption in fintech
Additionally, FSTI 3.0 will continue to support areas like AI, data analytics, and RegTech while emphasising talent development. We can expect to see transformative financial innovation through greater industry collaboration.
MAS’ Continued Focus on Innovation
Over the years, the MAS has consistently been a driving force behind innovation in the Financial Services industry. They have actively promoted and supported technological advancements to enhance the industry’s competitiveness and resilience.
The FinTech Regulatory Sandbox framework offers a controlled space for financial institutions and FinTech innovators to test new financial products and services in a real-world setting, with tailored regulatory support. By temporarily relaxing specific regulatory requirements, the sandbox encourages experimentation, while ensuring safeguards to manage risks and uphold the financial system’s stability. Upon successful experimentation, entities must seamlessly transition to full compliance with relevant regulations.
Innovation Labs serve as incubators for new ideas, fostering a culture of experimentation and collaboration. They collaborate with disruptors, startups, and entrepreneurs to develop groundbreaking solutions. Labs like Accenture Innovation Hub, Allianz Asia Lab, Aviva Digital Garage, ANZ Innovation Lab, and AXA Digital Hive drive create prototypes, and roll out market solutions.
Building an Ecosystem
Partnerships between financial institutions, technology companies, startups, and academia contribute to Singapore’s economic growth and global competitiveness while ensuring adaptive regulation in an evolving landscape. By creating a vibrant ecosystem, MAS has facilitated knowledge exchange, collaborative projects, and the development of innovative solutions. For instance, in 2022, MAS partnered with United Nations Capital Development Fund (UNCDF) to build digital financial ecosystems for MSMEs in emerging economies.
This includes supporting projects that address environmental, social, and governance (ESG) concerns within the financial sector. For instance, MAS worked with the People’s Bank of China to establish the China-Singapore Green Finance Taskforce (GFTF) to enhance collaboration in green and transition finance. The aim is to focus on taxonomies, products, and technology to support the transition to a low-carbon future in the region, co-chaired by representatives from both countries.
MAS has also promoted Open Banking and API Frameworks to encourage financial institutions to adopt open banking practices enabling easier integration of financial services and encouraging innovation by third-party developers. This also empowers customers to have greater control over their financial data while fostering the development of new financial products and services by FinTech companies.
Regulators in Asia Pacific Taking a Proactive Approach
While Singapore is at the forefront of financial innovations, other regulatory and government bodies in Asia Pacific are also taking on an increasingly proactive role in nurturing innovation. This stance is being driven by a twofold objective – to accelerate economic growth through technological advancements and to ensure that innovative solutions align with regulatory requirements and safeguard consumer interests.
Recognising the potential of fintech to enhance financial services and drive economic growth, the Hong Kong Monetary Authority (HKMA) established the Fintech Facilitation Office (FFO) to facilitate communication between the fintech industry and traditional financial institutions. The central bank’s Smart Banking Initiatives, including the Faster Payment System, Open API Framework, and the Banking Made Easy initiative that reduces regulatory frictions help to enhance the efficiency and interoperability of digital payments.
The Financial Services Agency of Japan (FSA) has been actively working on creating a regulatory framework to facilitate fintech innovation, including revisions to existing laws to accommodate new technologies like blockchain. In 2020, FSA launched the Blockchain Governance Initiative Network (BGIN) to facilitate collaboration between the government, financial institutions, and the private sector to explore the potential of blockchain technology in enhancing financial services.
The Central Bank of the Philippines (Bangko Sentral ng Pilipinas – BSP) has launched an e-payments project to overcome challenges hindering electronic retail purchases, such as limited interbank transfer facilities, high bank fees, and low levels of trust among merchants and consumers. The initiative included the establishment of the National Retail Payment System, a framework for retail payment, and the introduction of automated clearing houses like PESONet and InstaPay. These efforts have increased the percentage of retail purchases made electronically from 1% to over 10% within five years, demonstrating the positive impact of effective cooperation and innovative policies in driving a shift towards a cash-lite economy.
The promotion of fintech innovation highlights a collective belief in its potential to transform finance and boost economies. As regulations adapt for technologies like blockchain and open banking, the Asia Pacific region is promoting collaboration between traditional financial institutions and emerging fintech players. This approach underscores a commitment to balance innovation with responsible oversight, ensuring that advanced financial solutions comply with regulatory standards.
