Panic?! Where can Web3 projects go under the impact of Singapore’s new DTSP regulations?

You may have heard that the Monetary Authority of Singapore (MAS) recently officially released the final regulatory response to the "Digital Token Service Provider" (DTSP) system under the Payment Services Act, and clearly announced that it will be fully implemented on June 30, 2025, without any buffer period.

This time, it is no longer a policy trial in the consultation stage, nor is it a symbolic regulatory gesture.

The signal released by MAS is very clear: without a license, no token-related business may be engaged in, regardless of whether the customer is in Singapore or not, and regardless of whether the business is on-chain or not.

On the surface, this is a new licensing requirement for token services, but in reality it is a structural reconstruction of the operating logic of the Web3 project.

Last week, there were many interpretations of the document, so Portal Labs will not repeat the full interpretation. We will just talk about some of our views on the implementation of this regulation.

A structural clearance under "administrative regulations"

Some people regard DTSP as an extended version of VASP, but it is not.

The launch of DTSP indicates that MAS is trying to systematically reconstruct the vague but broad concept of “token services” and to define the boundaries of what can and cannot be done in the form of legal provisions.

From the perspective of MAS, the so-called “token services” are no longer limited to the issuance of tokens themselves, but cover all kinds of behaviors that the project party may engage in, including issuance, promotion, trading, transfer, custody, OTC matching, and even providing technical or operational assistance.

In other words, as long as you are a part of this token mechanism, whether actively or passively, you may be regarded as a service provider.

The more critical change is that MAS has abandoned the basis for compliance judgment based on the place of registration or on-chain deployment, and returned the core judgment standard to "where the people are and where the business activities are."

This means that even if your contract is written on the chain, the system is deployed in the cloud, and your customers are spread all over the world, as long as you are based in Singapore and are promoting token-related business, you are very likely to be regarded as "doing business in Singapore."

The classic remote architecture model of "people are on the slope, things are on the chain" has officially bid farewell to the regulatory vacuum period.

There is no ambiguity in MAS's attitude towards this. In this round of responses, MAS clearly stated that it will be "extremely cautious" in issuing DTSP licenses, and it will only apply to a very small number of applicants.

According to PANews statistics, there are only 33 crypto projects that currently hold MPI licenses, and this license was opened for application as early as 5 years ago. One can imagine the difficulty and approval rate of the DTSP license.

Therefore, Portal Labs believes that this is not a license bidding, nor is it a goal that can be achieved by the efforts of the technical team. It is more like an active screening of the project governance structure. Web3 project architectures that lack role isolation, unclear funding paths, and unclear division of responsibilities will lose their eligibility to remain in this round of clearance.

However, this is not a sign of hostility from Singapore regulators towards Web3, but rather a more pointed signal that under the mainstream regulatory trend, the logic of regulatory arbitrage is gradually coming to an end.

“Where to go” is no longer the answer

Well, where else can we go?

The first reaction of many Chinese Web3 project parties is to move to Hong Kong.

This expectation is not groundless. In the past two years, Hong Kong has frequently released welcome signals: promoting the VASP system, officials publicly stating their views, hosting the Web3 Carnival... It was once regarded as the main candidate for "taking over Singapore's withdrawal project."

After the announcement of the new DTSP regulations in Singapore, Hong Kong Legislative Council member Ng Kit Chong also welcomed it immediately and released a bilingual statement in Chinese and English on social media platforms, saying: "If you are unable to continue your business in Singapore and are interested in moving to Hong Kong, please contact me to learn more about the situation. We are willing to provide assistance and welcome you to develop in Hong Kong!"

This statement undoubtedly sends a positive signal that Hong Kong is "taking advantage of the situation to absorb" the market. However, from the perspective of regulatory reality, the problem is far from being that simple.

Hong Kong's regulation is not lax, it is another expression of a structured regulatory system:

At the CEX level, Hong Kong explicitly requires trading platforms to operate with a license and accept SFC supervision in accordance with the Securities and Futures Ordinance. The platform must not only provide compliance solutions at key nodes such as user access, currency selection, and custody mechanisms, but also establish independent audit, anti-money laundering and risk control systems. Compared with the gray area path of "adjusting while doing" in the past, Hong Kong's regulatory approach emphasizes "pre-emptive structural design" and is suitable for institutional platforms that are willing to operate in compliance for a long time.
At the token issuance level, Hong Kong has not yet introduced specific laws for the public issuance of tokens. However, referring to the regulatory trends in the United States, the European Union, and Singapore in recent years, although there is still room for the issuance of certain tokens at this stage, if legislation is promoted in the future, the possibility of further tightening of the regulatory framework cannot be ruled out.
In terms of the implementation of Web3 projects, although Hong Kong has frequently released support signals, the current regulatory system that has actually been implemented is still focused on a few areas such as virtual asset trading platforms. For other Web3 projects (such as DeFi, DAO, RWA issuers, etc.), exclusive regulatory channels have not yet been established. In reality, supervision is more inclined to accept project types with clear structures, sufficient information disclosure, and the ability to be penetrated and identified under the existing licensing system. To some extent, this is more like "partial opening under the guidance of financial compliance" rather than a general acceptance of all forms of innovation.

In other words, Hong Kong does welcome the Web3 industry, but the premise is that you can keep up with the pace of regulation. If your operating structure in Singapore has already crossed the line, it is likely that you will not be able to land in Hong Kong in the near future.

As for other alternatives, such as Dubai, Portugal, Seychelles, and even some regional cities with "seemingly better atmospheres" such as Shenzhen, they either lack a mature financial regulatory framework or have unclear and unsustainable compliance paths. They can be accommodated in the short term, but it is difficult to build a medium- and long-term legal basis.

The new DTSP regulations are not an isolated case, but represent a broader regulatory trend: sovereign jurisdictions no longer accept the "puzzle-like" Web3 architecture of "registration location", but begin to define responsibility based on "where people are and where things happen".

Therefore, the more urgent problem that Web3 projects need to solve is no longer about “where to move”, but whether you can still “exist in compliance” after moving.

From this perspective, Singapore is not the end point, and Hong Kong is not the solution. The next stop for Web3 is not another "arbitrage depression", but a comprehensive physical examination of architectural capabilities, governance logic, and compliance mentality.

The real question is, how to stay?

The biggest signal released by the new DTSP regulations has never been a crackdown on a certain type of project or region, but a systematic update of the regulatory logic.

In the past, many Web3 projects relied on a "jigsaw-like architecture" to shuttle through the compliance gray area: the registered place was located in country A, the technical team was in country B, the market was in country C, customers were spread all over the world, KYC was outsourced to country E, and funds were in country F. This seemingly distributed but actually "impenetrable" operation method was once regarded as the "standard configuration" of Web3 projects.

But today, the perspective of supervision has fundamentally changed - it no longer looks at where your company is registered or where the code is deployed, but directly anchors:

Who controls the issuance decision of Token?
Are the custody path and capital flow of user assets clear?
Where is the actual controller of the project located and what responsibilities does he perform?
Is there a mechanism for penetrating governance, structural isolation, and clear division of rights and responsibilities?

What is being tested here is no longer the wording skills of a legal opinion, but the overall "structural capabilities" of the Web3 project, that is, whether it can build a role system and rights and responsibilities framework that is truly penetrable, accountable, and sustainable.

In such a regulatory context, “relocating the place of registration” is no longer a solution in essence. It is more like a risk transfer game, shifting potential problems from one jurisdiction to another area where regulation has not yet responded, and cannot fundamentally improve risk exposure.

From this perspective, DTSP is not just an ultimatum for Web3 projects, but also a turning point for investors’ compliance perspective. It makes a key question unavoidable: “Am I investing in a project, or a legal risk entity that has not yet been clearly identified?”

For investors, this regulatory evolution means an upgrade in the dimension of judgment. In traditional investment logic, a white paper, a roadmap, and an AMA are enough to build confidence expectations. In the reality of stricter regulation, the "structural transparency" of Web3 projects will become a must-check item:

Does the token itself have a legal path and basis for issuance?
Is the control structure clear? Are there any risks of overlapping internal responsibilities or proxy holding?
Do founders face excessive legal risk, and do their roles need to be isolated and segregated?
Will the project have compliant financing, coin issuance and even exit mechanisms in the future?

These questions are no longer just questions that lawyers need to answer; investors must also learn to raise and examine them.

In other words, regulation is forcing the Web3 market as a whole to enter a new stage of “identity governance.” Web3 project owners no longer rely solely on “narratives,” but must submit answers on structural design; investors no longer only look at valuations, but must ask, “Are you ready to be penetrated by regulation?”

DTSP is just the beginning, and a greater compliance resurgence is happening simultaneously around the world.