Singapore AI Governance: All Frameworks in One Place (2026)

Last reviewed: April 30, 2026

Singapore has no dedicated AI law. It also has more AI governance frameworks than most countries that do. As of April 2026 the architecture spans three generations of the Model AI Governance Framework, an open-source testing toolkit (AI Verify) plus an LLM evaluation platform (Project Moonshot), four MAS instruments for financial services (FEAT Principles, Veritas, Project MindForge, and proposed AI Risk Management Guidelines), comprehensive PDPC guidance under a binding privacy statute, a 2023 national strategy, and a cybersecurity addendum from CSA. Each lives on its own page. None alone gives a deployer the full compliance picture. This article consolidates every framework into a single navigable resource — explains what each covers, how they relate, and what companies operating in Singapore should actually implement.

Key Takeaways

• Singapore’s approach is “soft law first.” No mandatory AI statute exists. The Personal Data Protection Act (PDPA) is the primary binding law with AI relevance. Everything else is voluntary — but voluntary in a Singaporean sense, where alignment with frameworks shapes how regulators exercise statutory powers.
• Three generations of the Model AI Governance Framework now exist in parallel. Traditional AI (2020), Generative AI (May 2024), and Agentic AI (January 2026). Organizations apply the most relevant generation per use case; the frameworks are layered, not replaced.
• MAS is moving toward potentially binding AI guidelines. The November 2025 consultation paper on AI Risk Management closed January 31, 2026. Final guidelines pending publication; expected to be the first AI-specific binding guidelines for any Singaporean sector.
• AI Verify is the testing infrastructure that operationalizes the frameworks. 11 governance principles, 85 testable criteria, 4 technical test toolboxes, plus Project Moonshot for LLM red-teaming. Open-source on GitHub and used by Google, Microsoft, IBM, DBS Bank, Singapore Airlines, and others.
• Voluntary compliance is not optional in practice. PDPC and MAS supervisors weigh framework alignment when exercising enforcement powers under binding statutes (PDPA, Banking Act, Insurance Act). Non-alignment increases regulatory exposure even though the frameworks themselves carry no penalties.

Singapore’s approach: frameworks, not laws

Singapore’s regulatory philosophy on AI is consistent and explicit: produce flexible, voluntary frameworks that are detailed enough to be operationally useful, evolve them as technology evolves, and let binding statutes (PDPA, sectoral laws) handle the few cases where mandatory rules are needed. The government has stated this preference repeatedly through Minister Josephine Teo, IMDA leadership, and MAS publications.

Three reasons drive the approach. First, Singapore is small enough and centralized enough that regulators can build credible voluntary frameworks without a legislative overhead — the IMDA, MAS, PDPC, and CSA can co-author guidance documents in months that would take EU institutions years. Second, Singapore competes for AI investment, and the government has judged that prescriptive ex-ante rules would undermine that competitiveness. Third, soft frameworks are easier to update — the MGF moved from Traditional AI (2020) to Generative AI (May 2024) to Agentic AI (January 2026) with no parliamentary action required.

The result is a multi-document architecture that can confuse deployers. Eight major framework families operate simultaneously. Each is voluntary; together they form the operational baseline that Singaporean regulators expect. Compliance practitioners often describe Singapore’s regime as “voluntary on paper, mandatory in practice” — non-alignment with the frameworks does not produce direct fines, but it weighs against organizations when supervisors exercise discretion under binding statutes.

For an inside-out perspective on whether voluntary really means voluntary, see Section 8 of this article. For now: if you operate AI in Singapore, the frameworks below are your working compliance scope.

The Model AI Governance Framework — three generations

The Model AI Governance Framework is the foundation document. PDPC and IMDA jointly issued the first edition in January 2019 at the World Economic Forum in Davos. The framework now spans three generations, each addressing a successive technological wave.

Version 1.0 and the GenAI Update

Generation 1 — Traditional AI (Second Edition, January 2020). The Second Edition is the version most still cited as “the MGF.” It is structured around two guiding principles (AI decision-making should be explainable, transparent, and fair; AI solutions should be human-centric) and four key areas:

1. Internal Governance Structures — board-level oversight, designated roles, risk management proportionate to AI maturity.
2. Determining Human Involvement in AI-Augmented Decision-Making — the framework’s most distinctive contribution. Risk-based “probability of harm × severity of harm” matrix. Three categories of human involvement (human-in-the-loop, human-on-the-loop, human-over-the-loop) calibrated to risk.
3. Operations Management — data quality, model development, monitoring, incident management.
4. Stakeholder Interaction and Communication — transparency about AI use, channels for feedback, explainability appropriate to context.

The framework is non-sector-specific, voluntary, and aligned with OECD AI Principles, NIST AI RMF, and ISO/IEC 42001. Its risk-proportionate logic shapes most subsequent Singaporean instruments — including the GenAI and Agentic AI frameworks below.

Generation 2 — Model AI Governance Framework for Generative AI (May 2024). IMDA and the AI Verify Foundation issued this framework in final form on May 29, 2024 (after a January 2024 consultation). It is structured around nine dimensions: Accountability, Data, Trusted Development and Deployment, Incident Reporting and Management, Testing and Assurance, Content Provenance, Safety and Alignment, Cybersecurity, and Human Oversight of GenAI.

The GenAI framework introduces a multi-stakeholder responsibility model — model developers, application developers, and deployers each carry distinct obligations. This is the framework’s main operational innovation: it is the first Singaporean document to explicitly distribute AI responsibility across the supply chain rather than focusing on the deployer alone.

Generation 3 — Model AI Governance Framework for Agentic AI (January 22, 2026). The world’s first comprehensive governance framework specifically for agentic AI. Released at WEF Davos, structured around four dimensions (assess and bound risks upfront, make humans meaningfully accountable, implement technical controls, enable end-user responsibility). Detailed treatment in our Singapore Agentic AI Framework deep dive.

The three generations are not mutually exclusive. Organizations select the generation most relevant to each use case. A company deploying a traditional credit-scoring model uses MGF v2.0. A company building a customer-service chatbot uses the GenAI framework. A company orchestrating multi-agent workflows uses the Agentic AI framework. The MGF v2.0 four areas remain the conceptual backbone — both the GenAI nine dimensions and the Agentic AI four dimensions can be mapped back to it.

AI Verify — the testing toolkit

AI Verify is the technical infrastructure that operationalizes the MGF principles. Where the MGF tells you what to govern, AI Verify gives you the tooling to test and demonstrate that governance.

The AI Verify Foundation launched on June 7, 2023 at the Asia Tech x Singapore conference. The foundation is a global open-source community supported by IMDA, with seven premier members (IMDA, Aicadium, IBM, Microsoft, Google, Red Hat, Salesforce) and 50+ general members including AWS, DBS Bank, Meta, SenseTime, Singapore Airlines, and DataRobot.

The AI Verify Testing Framework assesses AI systems against 11 internationally recognized governance principles, grouped into 5 focus areas:

Focus Area	Principles
Transparency on AI Use	Transparency
Decision Process	Explainability
Safety & Resilience	Repeatability/Reproducibility, Safety, Security, Robustness
Fairness	Fairness
Governance & Accountability	Data Governance, Accountability, Human Oversight, Inclusive Growth/Wellbeing

Each principle is operationalized through process checks and technical tests. The framework includes 85 testable criteria across 11 process checklists (one per principle), plus four built-in technical test toolboxes for fairness (classification and regression), robustness (adversarial perturbation testing), and explainability (SHAP feature attribution). Output is a customizable AI Governance Report — a structured artifact organizations use to demonstrate responsible AI to regulators, customers, or auditors.

Project Moonshot complements AI Verify with LLM-specific evaluation. Launched May 31, 2024, Moonshot combines red-teaming, benchmarking with 100+ pre-built datasets, and automated evaluation that integrates into CI/CD pipelines. It is open-source (316 GitHub stars on the main repository) and used by DataRobot, IBM, Singtel, and Temasek. Moonshot’s web UI implements IMDA’s Starter Kit for Safety Testing of LLM-Based Applications — a baseline of recommended tests for LLM deployments.

The two tools are complementary: AI Verify covers traditional AI (“Is this model fair, explainable, robust?”) and now generative AI; Moonshot covers LLMs and LLM applications (“Which LLM is best?” and “Is our LLM app safe?”). Both are extensible with plug-ins, and both have been integrated into commercial AI platforms.

The Agentic AI Framework

Singapore’s Model AI Governance Framework for Agentic AI is the most recent and most distinctive instrument in the architecture. Published January 22, 2026 by IMDA at WEF Davos, it is the world’s first comprehensive governance framework specifically targeting AI agents — systems that plan, reason, and take autonomous action on a user’s behalf.

The framework organizes governance around four dimensions:

1. Assess and bound risks upfront — agentic-specific risk assessment, autonomy boundaries, tool and data access limits, agentic use case selection
2. Make humans meaningfully accountable — significant checkpoints requiring human approval, named accountable persons, automation-bias mitigation
3. Implement technical controls and processes — baseline testing, controlling access to whitelisted services, multi-agent system testing, gradual rollout with kill-switches
4. Enable end-user responsibility — transparency about agent identity, training for users

The framework is voluntary, builds on MGF v2.0 (2020), and explicitly addresses multi-agent systems as a distinct governance challenge. A companion CSA Securing AI Systems Agentic AI Addendum (October 2025) covers cybersecurity threat models specific to agentic deployments — particularly multi-agent workflows and tool-access vulnerabilities.

For the full breakdown — including the framework’s definitions, the multi-agent governance approach, how it integrates with PDPA and sectoral guidance, and what companies should implement — see our Singapore Agentic AI Framework deep dive. For the comparative regulatory picture across EU, US, and China, see Agentic AI Regulation: The Closing Gap in AI Law.

MAS AI guidelines for financial services

Financial services in Singapore have the most layered AI governance, reflecting the sector’s risk profile and MAS’s tradition of detailed sectoral expectations.

FEAT Principles (November 2018). The foundation document. 14 principles structured around four pillars: Fairness, Ethics, Accountability, and Transparency. Issued by MAS in collaboration with the financial industry. Voluntary, but as MAS supervisory expectations they shape examination findings — non-alignment can produce regulatory consequences under binding sectoral laws.

Veritas Initiative (November 2019 – June 2023). A multi-phase consortium that operationalized FEAT through assessment methodologies and a toolkit. Three phases produced five white papers (February 2022) covering FEAT checklist, fairness assessment, ethics and accountability, transparency assessment, and practical implementation. The Veritas Toolkit (open-source on GitHub) reached version 2.0 in June 2023, adding ethics, accountability, and transparency assessment to the original fairness focus. Seven financial institutions piloted the integration: BNY Mellon, DBS, HSBC, OCBC, Singlife, Standard Chartered Bank, and UOB. Project Veritas concluded its third phase on June 26, 2023.

Project MindForge (mid-2023 – March 2026). Veritas’s successor. A 24-member consortium of banks, insurers, and capital markets firms strengthened AI risk management with a focus on generative and agentic AI. Phase 1 (2023 – May 2024) produced the first financial-industry-specific taxonomy of GenAI risks. Phase 2 (November 2024 – March 2026) delivered the AI Risk Management: Executive Handbook (November 2025) and the AI Risk Management Operationalisation Handbook (March 2026), with implementation case studies. MAS announced the successful conclusion of Phase 2 on March 20, 2026. The Association of Banks in Singapore published a complementary Handbook on Generative AI Guardrails in Banking in May 2025.

MAS Proposed Guidelines on AI Risk Management (November 2025). This is the most consequential development for financial services AI. MAS issued the consultation paper P017-2025 on November 13, 2025 with comments closing January 31, 2026. The proposed guidelines would set out MAS supervisory expectations on:

1. Oversight of AI Risk Management — board and senior management accountability, AI governance frameworks
2. Key AI Risk Management Systems, Policies and Procedures — AI identification processes, AI inventories, risk materiality assessments
3. AI Lifecycle Controls — data management, fairness, transparency, explainability, human oversight, third-party risks, evaluation, testing, monitoring, change management
4. Capabilities and Capacities — adequate resources and skills

The guidelines are designed to be proportionate (size and AI usage scale to obligations) and to cover traditional AI, GenAI, and agentic AI. Crucially, while the consultation paper retains “guidelines” framing, MAS guidelines are typically applied as binding supervisory expectations — non-compliance triggers regulatory action under the Banking Act and other sectoral statutes. Final guidelines are pending publication as of April 2026. When issued, they will be the first AI-specific binding guidelines for any Singaporean sector.

PDPC data protection and AI

The Personal Data Protection Act 2012 (PDPA) is Singapore’s binding data protection statute. It applies to all organizations (not public agencies) collecting, using, or disclosing personal data in Singapore, with extraterritorial reach. The Personal Data Protection Commission (PDPC) is the regulator.

For AI deployers, the PDPA matters because almost every meaningful AI deployment processes personal data — and the PDPA’s Protection Obligation (Section 24), Purpose Limitation, Data Accuracy Obligation, and mandatory Data Breach Notification (effective February 1, 2021) all apply. The penalty regime was enhanced October 1, 2022: organizations with annual Singapore turnover above SGD 10 million face fines up to 10% of that turnover, or SGD 1 million (whichever is higher) for non-compliance. These are real and have been applied in enforcement decisions.

The PDPA does not contain a dedicated automated decision-making provision (unlike GDPR Article 22). Singapore has not codified a right to explanation of automated decisions. PDPC guidance fills this gap.

PDPC Advisory Guidelines on Use of Personal Data in AI Recommendation and Decision Systems (March 1, 2024). The most current PDPC guidance for AI deployers. The Advisory Guidelines have five parts covering executive summary, legal effect and scope, AI system development/testing/monitoring, deployment (consent and notification obligations), and procurement (data intermediary obligations for AI service providers).

Three provisions matter most operationally:

1. Business Improvement Exception — organizations can use personal data to develop AI systems that enhance existing products or services without explicit consent, subject to conditions. This is the practical workaround for AI training data collection that would otherwise require consent.
2. Research Exception — commercial research for AI systems with public benefit (e.g., precision medicine) may rely on this exception.
3. Service providers as data intermediaries — third-party AI developers have Protection and Retention obligations under PDPA, must guard against unauthorized modification, and should maintain data provenance records.

PDPC enforces under the binding PDPA. The Advisory Guidelines themselves are not legally binding, but Bird & Bird’s analysis is direct: “in carrying out its enforcement of the PDPA, the PDPC is likely to take positions which are consistent with these Advisory Guidelines.” For deployers, alignment with the guidelines is the practical safe harbor.

The PDPC has signaled that guidance on the use of personal data to train generative AI systems will be the next major piece of work. Minister Josephine Teo flagged this during her Committee of Supply 2024 speech. Public consultation on those guidelines is expected.

How the frameworks relate to each other

The Singapore architecture is layered, not duplicated. Each framework targets a different governance gap; together they form the operational baseline.

Layer	Instrument	Year	Binding	Enforcer	Function
Mandatory statute	PDPA + Subsidiary Regulations	2012 / 2020 / 2022	Yes	PDPC	Data protection (applies to AI processing personal data)
Mandatory statute	Sectoral laws (Banking Act, Insurance Act, Healthcare Services Act, etc.)	Various	Yes	MAS, MOH, etc.	Sector-specific obligations including AI
Statutory guidance	PDPC Advisory Guidelines on AI (March 2024)	2024	Advisory but enforced through PDPA	PDPC	Personal data in AI recommendation/decision systems
Sectoral guidance	MAS FEAT Principles	2018	Voluntary supervisory expectation	MAS	AI in financial services — fairness, ethics, accountability, transparency
Sectoral guidance	MAS Project MindForge Handbooks	2025 / 2026	Voluntary	MAS / FIs	AI risk management for financial institutions
Sectoral guidance (pending)	MAS Guidelines on AI Risk Management	2026 (final pending)	Likely binding when issued	MAS	First AI-specific potentially-binding guidelines
Voluntary framework	MGF v2.0 (Traditional AI)	2020	No	PDPC / IMDA	All AI use — risk-based governance
Voluntary framework	MGF for Generative AI	May 2024	No	IMDA / AI Verify Foundation	GenAI-specific governance — 9 dimensions
Voluntary framework	MGF for Agentic AI	January 2026	No	IMDA	Agentic AI — 4 dimensions
Testing infrastructure	AI Verify Testing Framework + Toolkit	2022 / 2023	No	AI Verify Foundation	Open-source testing of AI governance principles
Testing infrastructure	Project Moonshot (LLM evaluation)	May 2024	No	AI Verify Foundation	LLM red-teaming and benchmarking
Cybersecurity guidance	CSA Securing AI Systems + Agentic AI Addendum	2024 / Oct 2025	Voluntary	CSA	AI security threat models
National strategy	NAIS 2.0	December 2023	Policy direction	SNDGO / MCI	National AI vision and investment priorities

For a working AI deployer, the practical rule is: identify what binding statutes apply (PDPA always; sectoral laws if applicable), then identify which voluntary frameworks the relevant regulator expects to see followed. PDPC enforcement under PDPA references the March 2024 Advisory Guidelines. MAS supervision of financial institutions references FEAT, Veritas, MindForge, and (when issued) the AI Risk Management Guidelines. Cross-sector deployers reference MGF v2.0 plus the GenAI or Agentic AI generation as appropriate.

Is voluntary compliance really voluntary?

The single most important question for AI deployers in Singapore is whether the voluntary frameworks above are operationally optional. The answer, per consistent practitioner analysis, is no.

Three mechanisms make voluntary frameworks effectively mandatory:

1. Statutory enforcement weighs framework alignment. PDPC, in exercising PDPA enforcement powers, considers whether organizations have followed the March 2024 Advisory Guidelines. MAS, in supervisory examinations under the Banking Act, considers whether financial institutions have implemented FEAT and Veritas methodologies. Non-alignment does not by itself produce penalties — but it shifts the regulator’s discretion when penalties are being calibrated.

2. Procurement and B2B contracts increasingly require framework alignment. Premier members of AI Verify Foundation include Google, Microsoft, IBM, AWS, and Salesforce. Major Singapore corporates — DBS Bank, Singapore Airlines, OCBC — routinely use AI Verify or Veritas in procurement diligence. A vendor that cannot produce a credible AI Governance Report or FEAT assessment will lose enterprise deals to vendors that can.

3. International alignment depends on Singapore frameworks. Singapore’s MGF informed ISO/IEC 42001 development. AI Verify maps to EU AI Act, NIST AI RMF, OECD AI Principles, G7 Hiroshima Process, and ASEAN AI Governance Guidelines. Companies operating across Singapore and other jurisdictions find it operationally easier to use Singapore’s frameworks as the integration backbone — making them practically mandatory for multinational deployers.

Eversheds Sutherland’s analysis of the January 2026 Agentic AI Framework captures the dynamic: “alignment with the framework can support organisations with managing legal exposure and regulatory risks. This is because organisations deploying AI still ultimately remain accountable for the actions of and impacts caused by their AI use cases under existing laws.” The same logic applies to every voluntary instrument in the Singaporean architecture.

The honest framing for practitioners: Singapore’s frameworks are voluntary in the sense that no fines flow directly from non-compliance with them. They are mandatory in the sense that supervisors, customers, and partners expect alignment, and non-alignment produces commercial and regulatory friction even when it does not produce penalties.

What companies should implement

For organizations operating AI in Singapore — or planning to — five steps make up a practical baseline that aligns with current frameworks and anticipates near-term regulatory developments:

1. Map your AI portfolio against the four MGF areas. Document for each AI system: governance ownership (which named human is accountable), human involvement category (in/on/over-the-loop), operations management posture (data quality, monitoring, incident response), and stakeholder communication mechanisms. The four MGF v2.0 areas are still the conceptual backbone of every Singaporean instrument.

2. Pick the right MGF generation per use case. Traditional AI (predictive ML, recommendation systems): MGF v2.0. Generative AI (LLM-based applications): MGF for GenAI. Agentic AI (autonomous agents calling tools): MGF for Agentic AI. Document which generation each system is governed under and update as systems evolve.

3. Use AI Verify or Veritas for testing. Cross-sector deployers should produce an AI Governance Report against the AI Verify 11 principles for material AI systems. Financial institutions should additionally use the Veritas Toolkit and align with MindForge handbooks. Both produce documentation regulators and partners increasingly expect.

4. Treat the PDPC March 2024 Advisory Guidelines as binding in practice. Build consent and notification flows that align with the Advisory Guidelines. Maintain data provenance records. If you are a third-party AI developer, ensure your data intermediary obligations are documented. The PDPA is binding; the Advisory Guidelines determine how PDPC will interpret enforcement.

5. Prepare for the MAS AI Risk Management Guidelines. Financial institutions should not wait for final publication. The proposed guidelines (consultation closed January 31, 2026) overlap substantially with FEAT, Veritas, and MindForge — institutions that are implementing those will be largely positioned. Specific gaps to close pre-publication: AI inventorization, risk materiality assessment per use case, and capability/capacity documentation.

For comparative perspective: Singapore’s frameworks share substantial conceptual ground with the NIST AI Risk Management Framework and inform how the EU AI Act’s high-risk obligations are operationally implemented. Companies operating in both Singapore and the US or EU often find that AI Verify documentation satisfies a meaningful portion of NIST RMF or EU technical-documentation requirements. For the agentic-specific cross-jurisdiction picture see Agentic AI Regulation: The Closing Gap.

Sources

• IMDA. “Model AI Governance Framework — Second Edition.” January 21, 2020. https://www.pdpc.gov.sg/help-and-resources/2020/01/model-ai-governance-framework
• IMDA. “Model AI Governance Framework for Generative AI.” May 29, 2024. https://aiverifyfoundation.sg/
• IMDA. “Model AI Governance Framework for Agentic AI.” Version 1.0, January 22, 2026. https://www.imda.gov.sg/-/media/imda/files/about/emerging-tech-and-research/artificial-intelligence/mgf-for-agentic-ai.pdf
• AI Verify Foundation. “AI Verify Testing Framework and Toolkit.” https://aiverifyfoundation.sg/
• AI Verify Foundation. “Project Moonshot — LLM Evaluation Toolkit.” https://github.com/aiverify-foundation/moonshot
• Monetary Authority of Singapore. “Principles to Promote Fairness, Ethics, Accountability and Transparency (FEAT) in the Use of Artificial Intelligence and Data Analytics.” November 2018. https://www.mas.gov.sg/publications/monographs-or-information-paper/2018/feat
• Monetary Authority of Singapore. “Veritas Initiative.” https://www.mas.gov.sg/schemes-and-initiatives/veritas
• Monetary Authority of Singapore. “MAS Guidelines for Artificial Intelligence (AI) Risk Management.” Consultation paper P017-2025, November 13, 2025. https://www.mas.gov.sg/news/media-releases/2025/mas-guidelines-for-artificial-intelligence-risk-management
• Monetary Authority of Singapore. “Project MindForge — AI Risk Management Toolkit for the Financial Sector.” Phase 2 conclusion, March 20, 2026. https://www.mas.gov.sg/news/media-releases/2026/mas-partners-industry-to-develop-ai-risk-management-toolkit-for-the-financial-sector
• MindForge. “AI Risk Management: Executive Handbook.” November 2025. https://www.mas.gov.sg/-/media/mas-media-library/schemes-and-initiatives/ftig/project-mindforge/mindforge-ai-risk-management-executive-handbook.pdf
• Personal Data Protection Commission. “Advisory Guidelines on the Use of Personal Data in AI Recommendation and Decision Systems.” March 1, 2024. https://www.pdpc.gov.sg/-/media/files/pdpc/pdf-files/advisory-guidelines/advisory-guidelines-on-the-use-of-personal-data-in-ai-recommendation-and-decision-systems.pdf
• Smart Nation and Digital Government Office. “National AI Strategy 2.0.” December 4, 2023. https://file.go.gov.sg/nais2023.pdf
• Cyber Security Agency of Singapore. “Securing AI Systems Guidelines + Agentic AI Addendum.” October 2025.
• Bird & Bird. “PDPC Advisory Guidelines on the Use of Personal Data in AI Recommendation and Decision Systems.” 2024. https://www.twobirds.com/en/insights/2024/singapore/pdpc-advisory-guidelines-on-the-use-of-personal-data-in-ai-recommendation-and-decision-systems
• Eversheds Sutherland. “Singapore: Understanding Singapore’s new Model Framework for Agentic AI Governance.” February 2, 2026.
• Personal Data Protection Act 2012 (No. 26 of 2012); Personal Data Protection (Amendment) Act 2020.

---

Reg Intel is not a law firm and does not provide legal services. This article is for informational purposes only and should not be relied upon as legal advice. Consult qualified counsel for your specific compliance situation.

Singapore Wave 2 — Deep Dives + EU Comparison

• Singapore AI Verify Testing Toolkit Explained
• Singapore MAS AI Risk Management Guidelines (2026)
• EU vs Singapore AI Regulation: Binding Law vs Voluntary Frameworks

For Singapore-headquartered companies

If your operations are Singapore-based and you serve EU users or counterparties, see Singapore vs EU AI Regulation: A Singapore Practitioner’s Guide (2026) — the operational companion covering EU AI Act extraterritoriality, Singapore frameworks as your EU compliance baseline, and sector mappings for financial services, medical AI, and data protection.