By Rodrigo Zepeda, CEO, Storm-7 Consulting

Introduction

On 30 June 2022, the Monetary Authority of Singapore (MAS) published an Enforcement Action Media Release stating that it had reprimanded ‘Three Arrows Capital Pte. Ltd.’ (3AC Singapore) for providing false information to MAS, and for exceeding its assets under management (AuM) threshold for a ‘Registered Fund Management Company’ (RFMC) (MAS 2022). In Part III, Part IV, and Part V of this Case Study, I will explain why I believe that ‘Three Arrows Capital’ (3AC) intentionally refrained from notifying the MAS in this regard. I will also explain why I believe that the MAS failed in its duty of supervisory capacity vis-à-vis the adequate, prudent, and timely supervision of 3AC Singapore, and how this failure may have ultimately contributed to the collapse of 3AC Singapore in June 2022.

Regulatory Framework in Singapore

In Part I of this Case Study, we identified that 3AC Singapore was incorporated on 30 January 2013 and registered as an RFMC in August 2013. This means that the applicable ‘Guidelines on Licensing, Registration and Conduct of Business for Fund Management Companies’ (Guideline No: SFA 04-G05) in Singapore, were those with an Issue Date of 7 August 2012 (MAS 2012 Guidelines) (these are not the latest available guidelines). These were issued pursuant to section 321 of the Securities and Futures Act (Cap. 289), Singapore.

In Singapore, apart from the Venture Capital Fund Manager Regime (VCFMR), there were two categories of Fund Management Company (FMC) open to 3AC, these were: (1) a Licensed FMC (LFMC); and (2) a RFMC. LFMCs were themselves split into two types, which were either a ‘Retail LFMC’, which carried out fund management business with all types of investors, and an ‘Accredited/Institutional (A/I) LFMC’, which carried out fund management business with qualified investors only.

For present purposes, the choice of investment entity out of these four options was absolutely crucial for 3AC. This is because the regulatory requirements for registering and operating an LFMC and an A/I LFMC were very extensive, highly costly, and operationally complex and challenging. And the VCFMR framework was not suited to 3AC’s investment purposes. On the face of it, this essentially meant that 3AC had no choice but to register as an RFMC. However, I believe that Kyle Livingston Davies and Su Zhu actually found this framework to be optimally suited for their investment and operational purposes.

So much so, that I believe that Mr Davies and Mr Zhu intentionally prevented the firm from registering as an A/I LFMC when it was legally required to do so according to the law in Singapore. What is more, I believe that the MAS failed in its duty of supervisory capacity vis-à-vis the adequate, prudent, and timely supervision of 3AC Singapore, and because of this failure, 3AC Singapore was allowed to continue its operational activities in ways that breached legal requirements in Singapore, and ultimately resulted in the collapse of 3AC in June 2022.

3AC Singapore’s RFMC Registration Application

Let us start with 3AC Singapore’s RFMC registration application. In Part I of this Case Study, we analysed the professional background of both Mr Davies and Mr Zhu. We concluded that they had each acquired less than three years of professional trading experience prior to setting up 3AC. Furthermore, neither of them had held any type of professional investment advisory experience advising investment firms and/or individual investors.

A1 of Appendix 1 of the MAS 2012 Guidelines (p. 13) sets out the Minimum Competency Requirements stipulated for registration of an FMC. For an RFMC, 3AC Singapore required at least 2 directors who each had a minimum of five years of relevant experience; at least 1 Executive Director resident in Singapore; and a Chief Executive Officer (CEO) with a minimum of five years of relevant experience of being a CEO. 3AC Singapore also required at least 2 relevant professionals and at least 2 representatives all residing in Singapore that each had a minimum of five years of relevant experience. The MAS 2012 Guidelines (p. 14) stated that:

“The relevance of an individual’s past experience should be assessed in the context of the role that the individual will perform in the FMC… Directors and the CEO should have managerial experience or experience in a supervisory capacity as part of their relevant experience.”

In practice, these requirements are supposed to be legally attested to in Form 22A, and then confirmed by undertaking objective due diligence research by MAS. The question that arises, is how is it possible that MAS approved 3AC Singapore’s registration application, if both Mr Davies and Mr Zhu did not have sufficient (five years) professional relevant experience at that time, and most certainly not enough to meet the five years minimum relevant experience required for the position of CEO?

Failures in the MAS Regulatory Framework in Singapore

When we analyse the MAS regulatory framework then extant in Singapore, we are able to understand why 3AC Singapore was allowed to operate in an essentially unfettered manner. The inherent problem lies in the regulatory structure set out in the MAS 2012 Guidelines. Under these, Retail LFMCs and A/I LFMCs are highly regulated. Retail LFMCs attract the highest level of scrutiny and regulation because they presented the highest investment and operational risks to a diverse range of non-professional investors.

This operated in a similar fashion to the ladder-type client categorisation originally under ‘MiFID’ (Markets in Financial Instruments Directive) (Directive 2004/39/EC) in the European Union, namely, retail clients, professional clients (elective; per se), and elective eligible counterparties. Retail clients attracted the highest level of protections owing to their comparatively lower level of understanding of financial investments. Consequently, in Singapore, Retail LFMCs and A/I LFMCs were required to comply with a highly extensive range of regulatory obligations relating to inter alia:

(1) competency of key individuals;

(2) fit and proper tests for directors, employees, representatives, and shareholders;

(3) the maintenance of minimum base capital thresholds at all times;

(4) the maintenance of risk-based capital (RBC);

(5) the maintenance of compliance arrangements;

(6) the maintenance of a risk management framework (RMF);

(7) internal audit requirements;

(8) independent annual audit requirements; and

(9) the maintenance of minimum levels of professional indemnity insurance (MAS 2012 Guidelines, pp. 5-8).

In addition, there were a range of ongoing requirements for FMCs relating to inter alia:

(1) business conduct (BC): custody obligations;

(2) BC: valuation and reporting obligations;

(3) BC: mitigation of conflicts of interest (COI) obligations;

(4) BC: disclosure obligations;

(5) BC: termination of fund obligations;

(6) anti-money laundering (AML) and countering the financing of terrorism (CFT) obligations;

(7) reporting of misconduct obligations;

(8) use of service providers obligations;

(9) obligations regarding notifications and approvals; and

(10) periodic returns obligations (MAS 2012 Guidelines, pp. 8-11).

In order to be registered and licenced as an RFMC, 3AC Singapore had to serve only up to 30 qualified investors, AND to only manage assets of not more than 250 million Singapore Dollars (SGD). This equated to approximately £150 million or $179.78 million, i.e., approximately $180 million.

Now remember, in 2008 to 2009, people all around the world experienced the sub-prime crisis in the United States (US) which precipitated the ‘Global Financial Crisis’ (GFC), and its massive negative financial and economic fallout, i.e., $2 trillion loss in global economic growth. As a result, countries with major financial and economic centres around the world implemented a series of highly comprehensive reforms pertaining to inter alia operational capital, liquidity, and trading of over-the-counter (OTC) derivatives and other complex and opaque financial instruments and investments by banks and other regulated financial institutions.

Some of the main problems identified by the GFC, were the complex and opaque interconnections between financial institutions that existed, and the widespread use of complex financial instruments and relationships that were generally under-collateralised, poorly understood, and subject to inept risk management practices. With regulatory supervision of 3AC Singapore, the inherent problem begins with the failure in the structural design of the MAS 2012 Guidelines.

Because Retail LFMCs and A/I LFMCs are dealing with clients they automatically trigger a base capital requirement (BCR) of SGD1 million (for a collective investment scheme (CIS) offered to retail investors), or SGD500,000 (for non-CIS offered to A/I investors) (MAS 2012 Guidelines, p. 6). This is in addition to the extensive initial and ongoing governance, compliance, risk management, and operational regulatory requirements. All Retail LFMCs and A/I LFMCs were also required to carry a minimum level of RBC, valued as ‘financial resources’ worth at least 120% of operational risk requirements (MAS 2012 Guidelines, p. 6). If an FMC calculated that its running operational risk requirements totalled $100 million, it was required to carry a minimum amount of $120 million as RBC.

Financial resources is defined to include base capital; certain types of share capital; reserves (revaluation, other); interim unappropriated profit; and collective impairment allowances (Securities and Futures, (Financial and Margin Requirements for Holders of Capital Markets Services Licences) Regulations, regulation 2A(1)). Consequently, this was in addition to any capital to be used for investment purposes. However, as an RFMC, 3AC Singapore was not required to hold any RBC at all. Nothing, not even $1. Also, because of the fund management activities it was carrying out it attracted the lowest possible BCR of SGD 250,000 (MAS 2012 Guidelines, p. 6). This amounted to $179,733, i.e., approximately $180,000.

So, despite the massive failures identified by the GFC owing to a lack of capital and liquidity by financial institutions, 3AC Singapore was authorised to invest up to $180 million AuM in any type of complex, opaque, or risky investment or financial instrument whatsoever. Furthermore, supposedly to “protect” its operations, 3AC Singapore was required by MAS to hold only $180,000 in capital, which equated to approximately 1/1000 of its total capital investment limit. As such, this BCR for 3AC Singapore was basically pointless. In times of market stress this microscopic BCR would evaporate in a millisecond. Wait, it gets worse.

First, in terms of compliance arrangements, 3AC Singapore was expected to put in place compliance arrangements that were commensurate with the ‘nature, scale, and complexity’ (NSC) of its business (MAS 2012 Guidelines, p. 6). This puts in place a highly subjective obligation, becuase it was up to 3AC Singapore to decide what the NSC of its business was. So, whilst the minimum compliance arrangements for Retail LFMCs and A/I LFMCs were extensive (see above), 3AC Singapore was instead essentially free to put in place any compliance arrangements at its discretion. Second, 3AC Singapore was required to put in place a RMF to identify, address and monitor the risks associated with customer assets it managed (MAS 2012 Guidelines, p. 6).

Consequently, there was an inherent problem of asymmetric information and adverse selection that existed. 3AC Singapore knew in extensive detail the legal, operational, liquidity, and counterparty risks that existed with respect to a very broad range of crypto assets, cryptocurrencies, and venture capital (VC) investments. 3AC Singapore arguably likely had far more knowledge in this respect than MAS, at least in the first five years of its operations (i.e., 2013 to 2017).

Because of the in-depth knowledge that 3AC Singapore possessed, it could essentially put in place any compliance arrangements of its choosing, because MAS would not be in a position, on the face of it, to truly understand whether those compliance arrangements were sufficient. The same can be said for 3AC Singapore’s RMF. Strictly speaking, the MAS 2012 Guidelines (p. 6) stated that the RMF related to risks associated with customer assets, not the personal assets owned and invested by Mr Davies and Mr Zhu. So, this was ostensibly a major design flaw.

However, even if the MAS 2012 Guidelines requirements relating to the RMF were interpreted broadly to include their own assets invested, asymmetric information and adverse selection still meant that 3AC Singapore was also essentially free to implement any RMF of its choosing. Because of the in-depth knowledge that 3AC Singapore possessed, there was no way for MAS to be able to tell, generally on the face of documented and reported risk management policies, whether the RMF was sufficiently adequate and compliant. For example, at a minimum the RMF was required to address:

(1) governance, independence, and competency of the RMF (subject to adequate Board and senior management oversight; segregated from and independent of the portfolio management function; staff with adequate risk management knowledge and expertise);

(2) identification and measures of risks associated with customer assets (identification of all pertinent risks associated with customer assets; use of appropriate tools or metrics suitable to the NSC of managed assets);

(3) timely monitoring and reporting of risks to management (procedures ensure identified risks are closely monitored; management kept informed of risk exposures on a continual and timely basis);

(4) documentation of risk management policies, procedures and reports (all RMF policies, procedures, reports should be properly documented and maintained) (MAS 2012 Guidelines, p. 7).

These are very extensive and comprehensive RMF obligations which theoretically need to be complied with. Assuming that all information relating to these RMF obligations had been documented and reported to MAS, it is highly unlikely that MAS would have been able to objectively assess whether these RMF procedures were sufficiently adequate and compliant. This is because of the summative way in which they were likely reported to MAS, and the highly new, innovative, and complex ways that crypto investments were evolving globally. The only way for MAS to tell, would have been for it to have undertaken an independent and in-depth investigation of 3AC Singapore to independently audit its policies, procedures, reports, compliance arrangements, and RMF at such time. However, MAS never did this.

MAS Supervisory and Regulatory Failures

In fact, according to MAS, it only commenced its investigations into 3AC Singapore in June 2021 (MAS 2022), and nothing happened for around one year. I will explain why this inaction on the part of MAS is so alarming. We started seeing crypto market developments in Singapore at least back in 2015. In July 2015 it was reported MAS had funded a blockchain-based recordkeeping system as part of its five-year $225 million investment plan (Higgins 2015). In September 2015 it was reported Coinbase had expanded to Asia with its Singapore market launch, and that $3.4 million had been invested in crypto start-ups in Singapore (Rizzo (September) 2015).

In October 2015 it was reported that Barclays had signed contracts with two blockchain start-ups (‘Chainanalysis’ and ‘Wave’) to fund acceleration of their blockchain applications (Rizzo (October) 2015).  In November 2016 it was reported the central bank of Singapore was intending to launch a pilot blockchain project with the country’s stock exchange and eight banks for use on interbank payments (Reuters 2016). In June 2017 it was announced by Singapore’s central bank that it had completed its first phase of developing a tokenised version of its fiat currency (SGD) on an Ethereum-based blockchain (Dylan 2017).

In November 2017 the Singapore-based crypto exchange ‘Kryptos-X’ announced it had secured $1 million in seed funding to enter the crypto market in Singapore (Ellis 2017). In September 2017 it was reported that Singapore had become the favoured Initial Coin Offering (ICO) destination for blockchain companies (Althauser 2017). In June 2018 it was reported that crypto-finance company ‘FUSION’ based in Singapore had secured $12.3 billion in financial assets on its blockchain-based platform (Alexandre 2018).

This widely noted proliferation of blockchain and crypto technologies and investments in Singapore over these years should have easily put MAS on alert that crypto investment firms were an area that needed to be more carefully supervised and scrutinised going forwards. With regards to 3AC ongoing operations, as far back as January 2015, Kyle Davies confirmed 3AC had a staff of 24, and further noted:

"We have on boarded junior, middle and senior level personnel in all divisions… Every three to six months, the headcount grows by about 50% and we go and do on average two new markets." (Opalesque 2015).

Based on this assertion, 3AC’s headcount (n) was set to grow by roughly 100% each year, i.e., n=48 (2016), n=96 (2017), n=192 (2018), n=384 (2019). A growth in headcount has to be supported by a growth in firm revenues and investment assets. It does not take a rocket scientist to see that 3AC’s projected growth and projected AuM should have been something which MAS should have been more closely monitoring. Indeed, from 2018 to 2020, 3AC was extensively written about in the global media, including widely reported coverage regarding its wide range of large crypto investments.

By June 2020, it was announced that 3AC had accumulated 6.26% of shares in the Grayscale Bitcoin Trust (GBTC), which consisted of over 20,000 Bitcoin (BTC) valued at around $192 million (Sinclair 2020). 3AC had been required to file a Schedule 13D disclosure with the ‘U.S. Securities and Exchange Commission’ (SEC) (SEC 2020). This single transaction was by itself valued at $12 million over the legal RFMC AuM threshold. There were masses of 3AC’s crypto and start-up investments that had been documented and noted in the media by this point in time.

So, one year before MAS formally commenced its investigation into 3AC, there was already actionable evidence that 3AC had potentially breached its legal AuM threshold of $180 million. By August 2018, 3AC Singapore had been operating for five years. It was required to submit an Auditors Report for RFMCs (25B) and a softcopy of audited financial statements (balance sheet and profit and loss statement) for the last completed financial year on an annual basis (MAS 2012 Guidelines, Appendix 5, A5 Periodic Returns, p. 20). Its business activities were expected to be subject to an adequate internal audit (MAS 2012 Guidelines, p. 7).

It was an ongoing requirement for 3AC Singapore to ensure that its AuM were subject to independent valuation, to be provided by a third-party service provider (e.g., fund administrator or custodian), or by an in-house ‘fund valuation function’ (FVF) that had to be segregated from the ‘investment management function’ (IMF) (MAS 2012 Guidelines, p. 8). In-house valuation was only authorised for larger financial services groups that could prove that there were sufficient resources and internal controls to provide for effective segregation of FVF and IMF (MAS 2012 Guidelines, p. 8).

The annual audit that was required to be carried out by an independent auditor was meant to serve as a periodic check on the precise valuation of 3AC Singapore’s assets (MAS 2012 Guidelines, p. 9). In addition, a notification of change of any of 3AC Singapore’s particulars was required to be done within 14 days of the change; 3AC Singapore was to apply for a ‘Capital Markets Services’ (CMS) Licence in fund management if AuM was expected to exceed SGD 250 million (MAS 2012 Guidelines, p. 19). The MAS 2012 Guidelines (p. 10) further stated:

“An FMC shall also notify MAS immediately if it breaches any licensing or registration requirement, as well as take immediate steps to rectify the breach.”

Remember, MAS reported that 3AC Singapore did not just breach the legal AuM limit for a few days, it broke the law for over one year, between July 2020 and September 2020, and between November 2020 and August 2021 (MAS 2022). It seems as if MAS tried to make it look like a minor incident by ostensibly calling it a “prolonged breach”. But that was not what 3AC Singapore did. Now that we have analysed the regulatory framework rules and obligations, we can see that a prolonged breach would be a failure to notify MAS for between 7 to 14 days after the “immediate” notification obligation.

Consequently, it is impossible to call a legal breach of the AuM limit over the period of one year a prolonged breach. When authorised financial services firms in the United Kingdom (UK) break the law by breaching anti-money laundering (AML) regulations, they have been either criminally prosecuted, or fined, or both, by the Financial Conduct Authority (FCA), e.g., NatWest was criminally prosecuted and fined £264.8 million for AML failures in 2021 (FCA 2021). Here, 3AC Singapore broke the law for one year and MAS failed to discover this.

Yet, it would seem to be the case that MAS also failed to immediately subject 3AC Singapore to supervisory investigation when it discovered this. We identified that 3AC Singapore was required to put in place effective compliance arrangements internally. There were only two fundamental compliance obligations that had to be monitored and supervised by 3AC Singapore. One, do not onboard more than 30 qualified investors, and two, do not exceed SGD250 million AuM at any time. Given the likelihood that the firm was servicing few, if any, qualified investors, asset valuation was the only requirement that the compliance department had to monitor to retain its licence. So, somehow, despite the fact:

• that the firm had been operating for more than five years;
• that the firm’s compliance is responsible for monitoring this valuation limit;
• that the firm's compliance essentially only had this single overriding duty to comply with;
• that the firm is required to independently value its AuM;
• that the firm is required to ensure its annual audit checks on the valuation of assets;
• that the firm is required to immediately notify MAS if it breaches the AuM licensing requirement;
• that the firm is required to take immediate steps to rectify this breach;

3AC Singapore somehow inadvertently forgot to value its assets and notify MAS that it had broken the law for one year. It seems as though every single person at 3AC Singapore somehow contracted collective amnesia. Sorry, but I don’t buy it. On the face of the evidence the decision taken not to inform MAS seems to have been intentional. It seems to have been done specifically to avoid the huge capital, operational, compliance, and risk management obligations that would have been imposed on 3AC Singapore in order to continue business with a new CMS Licence. It would have subjected 3AC Singapore to a level of scrutiny on the part of MAS which I do not believe 3AC Singapore was able to, or willing to be subjected to.

In the next Part IV of this Case Study, I will explore this issue further, along with further analysis of the reasons why I believe MAS failed in its supervisory duties as 3AC Singapore’s regulator.

To be continued.